Jump to content
  • 0
fjcasadop

Paypal needs to change to TLS 1.2. How?

Question

Paypal will block all the payments made from any system using TLS1.0 instead of TLS1.2. This is the message:

 

Your configuration use version 1.0 to communicate with PayPal.From July, all payments will be blocked.Thank you to approach your hosting company to enable the TLS version 1.2

 

And my question is... how do I change that? Or is Prestahop who has to change it for PS Cloud?

 

Thank you

Share this post


Link to post
Share on other sites

31 answers to this question

Recommended Posts

  • 0

I have the same issue for PS Cloud

 

let me know please the solution.

Share this post


Link to post
Share on other sites
  • 0

As mdekker told, please use support tab on your Cloud account dashboard for to contact directly Prestashop Cloud Team. They are the only one which can solve this problem.

Share this post


Link to post
Share on other sites
  • 0

Well, not exactly...

 

First the paypal module needs to be updated so that it uses TLS v1.2.  Why are we assuming that the server running PS Cloud does not support this version of TLS?

Share this post


Link to post
Share on other sites
  • 0

Well, not exactly...

 

First the paypal module needs to be updated so that it uses TLS v1.2.  Why are we assuming that the server running PS Cloud does not support this version of TLS?

 

Paypal will block all the payments made from any system using TLS1.0 instead of TLS1.2. This is the message:

 

Your configuration use version 1.0 to communicate with PayPal.From July, all payments will be blocked.Thank you to approach your hosting company to enable the TLS version 1.2

 

And my question is... how do I change that? Or is Prestahop who has to change it for PS Cloud?

 

Thank you

Seems to be an information of Paypal, reading the server configuration ?

Share this post


Link to post
Share on other sites
  • 0

I checked the cloud configuration. Prestashop cloud is currently using OpenSSL 0.9.8o from June 2010. But TSL 1.2 needs minimum OpenSSL 1.0.1c. This library is supported from Apache 2.4.1 or Nginx 1.0.6.

So the TSL 1.2 supports needs more than a switch, it presumably requires reconfigured cloud servers .

Share this post


Link to post
Share on other sites
  • 0

So it is both a Paypal module update (earlier versions used SSL and TLS v1), and possibly a server update.  The OP has not returned to confirm which version of openssl they are using.  It is very likely that TLS v1.2 is not supported by the server, but don't over look the fact that the Paypal module they are using likely needs an update as well

Share this post


Link to post
Share on other sites
  • 0

Hi!
My hosting provider (Siteground) confirmed me that i'm running on tls 1.2 but paypal module still says that i'm on 1.0

As they said, that's a module problem, how to force it to see that actualy i'm on 1.2? :|

Share this post


Link to post
Share on other sites
  • 0

So it is both a Paypal module update (earlier versions used SSL and TLS v1), and possibly a server update.  The OP has not returned to confirm which version of openssl they are using.  It is very likely that TLS v1.2 is not supported by the server, but don't over look the fact that the Paypal module they are using likely needs an update as well

 

I contacted Prestashop through the support tab, as you suggested, and they confirmed that they are aware of this problem and working on it.

Share this post


Link to post
Share on other sites
  • 0

how long will it take to solve this problem?

without paypal is a shop nearly unnessesary...

Share this post


Link to post
Share on other sites
  • 0

no one from this thread can tell you how long Prestashop will fix their cloud platform, you will need to contact them.

Share this post


Link to post
Share on other sites
  • 0

And if you are a UK seller forget it. As far as I can tell there will be no free paypal module for UK sellers any more. Even the rather pricey paid module they point you to is no good because it is for card payments only and does not allow customers to pay with their paypal account

Share this post


Link to post
Share on other sites
  • 0

I'm tring to install paypal on my site but it output the same:

"Your configuration use version 1.0 to communicate with PayPal.From July, all payments will be blocked.Thank you to approach your hosting company to enable the TLS version 1.2".

Siteground said that my server run 1.2 tls and they proved it. The paypal module is updated. So what is that issue?

Edited by Marco X

Share this post


Link to post
Share on other sites
  • 0

If they are using .98c, it makes me wonder if they are using Cent 5. That would be a bring problem because Cent 5 doesn't support TLS 1.2.

  • Like 1

Share this post


Link to post
Share on other sites
  • 0
Thanks for the answers guys! 

I'm a bit worried because there are no official news from PrestaShop so I think it will be a long, long waiting. 

 

This problem has also a large impact on lots of prestashop customers, isn't it?

Share this post


Link to post
Share on other sites
  • 0

Hello guys,

same problem here. I hope the community will get an solution as soon as possible because all our e-shops can't work without Paypal... 

Share this post


Link to post
Share on other sites
  • 0

Today with PayPal v3.10.8 - da PrestaShop:
 
No more red error message!

 

Presta_smile.png

 

I'm going to test it with some payments as soon as possible!

 

  • Like 1

Share this post


Link to post
Share on other sites
  • 0

Today with PayPal [/size]

v3.10.8 - da PrestaShop:

 

No more red error message!

 

Presta_smile.png

 

I'm going to test it with some payments as soon as possible!

 

Congrats! :)

However, my cloud testshop configuration (btw. still not updated from 1.6.1.1 by service team) from today still reports:

OpenSSL support enabled

OpenSSL Library Version OpenSSL 0.9.8o 01 Jun 2010

OpenSSL Header Version OpenSSL 0.9.8o 01 Jun 2010

Share this post


Link to post
Share on other sites
  • 0

I suppose it is a problem of the Prestashop Version in use. On mine cloud PS 1.6.1.3 no errors too.

 

post-741527-0-12679200-1463408888_thumb.jpg

 

Share this post


Link to post
Share on other sites
  • 0

How to check which versions of TLS and HTTP are being used by my store?

Share this post


Link to post
Share on other sites
  • 0

You should ask your host, they can tell you.

Share this post


Link to post
Share on other sites
  • 0

I have this problem 

 

Notice in Zeile 69 der Datei /customers/7/0/2/meriscon.com/httpd.www/artshop/modules/paypal/classes/TLSVerificator.php
[8] Undefined property: stdClass::$tls_version

 

 

PLEASE HELP!!!

Share this post


Link to post
Share on other sites
  • 0

Any info on this?

Tls verification failed. TLS version is not compatible.

Paypal ver. 4.4.4

Prestashop ver. 1.7.5.1

php 7.1.28

We use a plesk server, also in phpinfo.php i found:

Registered Stream Socket Transports tcp, udp, unix, udg, ssl, sslv3, tls, tlsv1.0, tlsv1.1, tlsv1.2
OpenSSL support enabled
OpenSSL Library Version OpenSSL 1.0.1e-fips 11 Feb 2013
OpenSSL Header Version OpenSSL 1.0.1e 11 Feb 2013
Openssl default config /etc/pki/tls/openssl.cnf

Share this post


Link to post
Share on other sites
  • 0
18 hours ago, espacious said:

Any info on this?

Tls verification failed. TLS version is not compatible.

Paypal ver. 4.4.4

Prestashop ver. 1.7.5.1

php 7.1.28

We use a plesk server, also in phpinfo.php i found:

Registered Stream Socket Transports tcp, udp, unix, udg, ssl, sslv3, tls, tlsv1.0, tlsv1.1, tlsv1.2
OpenSSL support enabled
OpenSSL Library Version OpenSSL 1.0.1e-fips 11 Feb 2013
OpenSSL Header Version OpenSSL 1.0.1e 11 Feb 2013
Openssl default config /etc/pki/tls/openssl.cnf

 

Hello,

  • Open your server panel (Plesk),
  • Go to domain detail page,
  • Find and click the Apache & Nginx Settings,
    image.png.7ee32aaa2bdf33baa1e375de315130ee.png
     
  • Paste:
    # ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    image.png.e3774a2e2d6330c51631349a04b31814.png
     
  • and Save it.
  • That's it.

 

Share this post


Link to post
Share on other sites
  • 0

Hmm. I was told i have to update curl.

now i have:

cURL Information 7.29.0

Should be at least 7.34.x as the paypal support team told me.

Also thanks for your "how to" but i think i already have TLS1.2 enabled, as you can see in the screenshot or am i wrong?

Registered Stream Socket Transports tcp, udp, unix, udg, ssl, sslv3, tls, tlsv1.0, tlsv1.1, tlsv1.2

I'm pasting also the email i got from support team if it helps someone:

Quote

Thank you for contacting us, this problem does not come from our module. Following the recent update of the Paypal side, you must ensure that your store is always compatible after the new update. the details are in the following text:

 

PayPal performs security updates on its servers.

 

This security update consists of the following:

1 - Upgrading to TLS 1.2 and HTTP / 1.1: Your server must be able to support these protocols.

 

Note: you will need at least a version of OpenSSL greater than or equal to 1.0.1 and if you use cURL, a version greater than or equal to 7.34.0. 

 

Also verify that your server has Verisign G5 Root certificate: https://knowledge.symantec.com/support/mpki-for-ssl-support/index?page=content&actp=CROSSLINK&id=SO5624

 

2 - Upgrading the SSL Certificate: In order to decrypt the new certificates, your website must be able to support the use of the SHA-256 signature algorithm.

 

==> For the 2 points above, I invite you to contact your host to check if everything is in order.

 

3 - HTTPS Standard for IPN Post Back Checks

This does not mean that your site must be in HTTPS, it just means that when your IPN script sends its response to PayPal, it must use the correct security standards.

To make sure, I invite you to contact the developer of your IPN script to ensure that the connection is done correctly.

 

It is therefore important that you verify that for all API calls as well as for IPN postbacks, your site is able to support these new standards.

 

I invite you to contact your host to ensure that your server has all these prerequisites.

 

In addition, if you use a basket management system, such as Prestashop / WooCommerce / Magento, I invite you to update your modules to ensure compatibility.

 

ATTENTION: However, I want to inform you that you do not need to buy an SSL license for your server and that these prerequisites correspond to updates of your server, neither more nor less.

Indeed an SSL license allows to have a site certified in https but the security update PayPal just asks that your shop is able to communicate with the new PayPal server, which they will have new standards. And for that, it is not necessary to have a site in HTTPS.

 

Share this post


Link to post
Share on other sites
  • 0
35 minutes ago, espacious said:

Also thanks for your "how to" but i think i already have TLS1.2 enabled, as you can see in the screenshot or am i wrong?

Registered Stream Socket Transports tcp, udp, unix, udg, ssl, sslv3, tls, tlsv1.0, tlsv1.1, tlsv1.2

I'm pasting also the email i got from support team if it helps someone:

 

But you also have ssl, sslv3, tls and tls1.0 enabled.  all of which should be disabled as they are no longer secure protocols.  also with them enabled, paypal may be defaulting to them

Share this post


Link to post
Share on other sites
  • 0

Ok now i understand your point, let me try.

Share this post


Link to post
Share on other sites
  • 0
On 5/8/2019 at 10:52 AM, SahinSOLMAZ said:

 

Hello,

  • Open your server panel (Plesk),
  • Go to domain detail page,
  • Find and click the Apache & Nginx Settings,
    image.png.7ee32aaa2bdf33baa1e375de315130ee.png
     
  • Paste:
    # ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    image.png.e3774a2e2d6330c51631349a04b31814.png
     
  • and Save it.
  • That's it.

 

SahinSOLMAZ seems working OK, Thanks to all!

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

×

Important Information

Cookies ensure the smooth running of our services. Using these, you accept the use of cookies. Learn More