메뉴 건너뛰기

도움말

[보안인증/Secure Certificate] 2048-bit certificates upgrade

Dear Customer,

In keeping with industry standards set by the Certification Authority/Browser (CA/B) Forum, PayPal will discontinue supporting 1024-bit key length certificates and will migrate to 2048-bit certificates before the end of 2013.

We have completed the installation of 2048-bit certificates for all API endpoints in our PayPal Sandbox and Payflow Pilot environments, and we will be doing the same for our production environments starting on August 6, 2013.

We strongly encourage merchants to thoroughly test any existing integration(s) in the PayPal Sandbox and/or Payflow Pilot environments to ensure this migration will not cause any unforeseen issues.

Please have the team or person responsible for your integration refer to the following:

If you need to import the new PayPal Sandbox and/or Payflow Pilot server certificates to your application or system truststore, you can download production and Sandbox certificates from https://ppmts.custhelp.com/app/answers/detail/a_id/952.

If you don’t typically import the server certificates to your truststore, you can proceed with testing with no other action required.

If you have any questions, please contact PayPal Merchant Technical Services by filing a ticket; refer to PP-LIVE-3503. You may also visit our Live Site Status blog.

Sincerely,

PayPal

--

I am using API signatures instead of certificates. So, I really dont need to do anything here, right?
=>
It's not the API certificate that is changing, it's the endpoint certificate that's changing to 2048. So whether your API credentials consist of either a API Signature or an API Certificate shouldn't matter.

You will only need to change anything if you're somehow storing and validating PayPal's API endpoint SSL certificate against a locally stored copy of the (same) SSL certificate. Often this is done in a so called 'truststore'.
Since PayPal's API endpoint certificate will change, you would need to update the certificate in the truststore accordingly.

So yes, you won't need to change anything if you're merely using an API signature or API certificate for API authentication.

=>
PayPal is upgrading the SSL certificates on their payment notification servers. If your PayPal Checkout Express configuration uses their certificates, you will need to import the new 2048-bit secure certificates. See the email below that was sent out earlier today.

If you use a shopping cart like Magento, you wouldn’t need to do anything because they use API signatures instead of certificates.





List of Articles
번호 제목 - 글쓴이 조회 수
9 [Authorize.net] 결제 이메일 받기 설정 온라인결제 master 8652
» [보안인증/Secure Certificate] 2048-bit certificates upgrade 온라인결제 master 16760
7 [페이팔/PayPal] 결제 페이지 타이틀 바꾸기 페이팔 master 15864
6 [페이팔/PayPal] Verified 확인하기 페이팔 master 15055
5 [페이팔/PayPal] "Add to cart" 버튼 만들기 file 페이팔 master 16093
4 [페이팔/PayPal] 한국 계좌 이체 페이팔 master 17260
3 [전자결제대행사/Payment Gateway] 카드 결제 대행사 소개 (Paypal, Authorize.net 등) 온라인결제 master 17799
2 [Authorize.net] 비용 및 회원가입방법 온라인결제 master 17846
1 [보안인증/Secure Certificate] SSL 이란? 온라인결제 master 19386
©2002 GeneralHomepage.Com.All Rights Reserved