Paypal needs to change to TLS 1.2. How?

[fjcasadop]

Paypal will block all the payments made from any system using TLS1.0 instead of TLS1.2. This is the message:

 

Your configuration use version 1.0 to communicate with PayPal.From July, all payments will be blocked.Thank you to approach your hosting company to enable the TLS version 1.2

 

And my question is... how do I change that? Or is Prestahop who has to change it for PS Cloud?

 

Thank you

[guigui112]

I've got the same issue, I don't know what to do

Can someone help us?

 

Thank you!

[Isa2]

I have the same issue for PS Cloud

 

let me know please the solution.

[selectshop.at]

As mdekker told, please use support tab on your Cloud account dashboard for to contact directly Prestashop Cloud Team. They are the only one which can solve this problem.

[bellini13]

Well, not exactly...

 

First the paypal module needs to be updated so that it uses TLS v1.2.  Why are we assuming that the server running PS Cloud does not support this version of TLS?

[selectshop.at]

Well, not exactly...

 

First the paypal module needs to be updated so that it uses TLS v1.2.  Why are we assuming that the server running PS Cloud does not support this version of TLS?

 

Paypal will block all the payments made from any system using TLS1.0 instead of TLS1.2. This is the message:

 

Your configuration use version 1.0 to communicate with PayPal.From July, all payments will be blocked.Thank you to approach your hosting company to enable the TLS version 1.2

 

And my question is... how do I change that? Or is Prestahop who has to change it for PS Cloud?

 

Thank you

Seems to be an information of Paypal, reading the server configuration ?

[eleazar]

I checked the cloud configuration. Prestashop cloud is currently using OpenSSL 0.9.8o from June 2010. But TSL 1.2 needs minimum OpenSSL 1.0.1c. This library is supported from Apache 2.4.1 or Nginx 1.0.6.

So the TSL 1.2 supports needs more than a switch, it presumably requires reconfigured cloud servers .

[bellini13]

So it is both a Paypal module update (earlier versions used SSL and TLS v1), and possibly a server update.  The OP has not returned to confirm which version of openssl they are using.  It is very likely that TLS v1.2 is not supported by the server, but don't over look the fact that the Paypal module they are using likely needs an update as well

[JabLabs]

Hi!
My hosting provider (Siteground) confirmed me that i'm running on tls 1.2 but paypal module still says that i'm on 1.0

As they said, that's a module problem, how to force it to see that actualy i'm on 1.2? :|

[JotaCe]

So it is both a Paypal module update (earlier versions used SSL and TLS v1), and possibly a server update.  The OP has not returned to confirm which version of openssl they are using.  It is very likely that TLS v1.2 is not supported by the server, but don't over look the fact that the Paypal module they are using likely needs an update as well

 

I contacted Prestashop through the support tab, as you suggested, and they confirmed that they are aware of this problem and working on it.

[Kovu2009]

how long will it take to solve this problem?

without paypal is a shop nearly unnessesary...

[bellini13]

no one from this thread can tell you how long Prestashop will fix their cloud platform, you will need to contact them.

[Guest]

And if you are a UK seller forget it. As far as I can tell there will be no free paypal module for UK sellers any more. Even the rather pricey paid module they point you to is no good because it is for card payments only and does not allow customers to pay with their paypal account

[Marco X]

I'm tring to install paypal on my site but it output the same:

"Your configuration use version 1.0 to communicate with PayPal.From July, all payments will be blocked.Thank you to approach your hosting company to enable the TLS version 1.2".

Siteground said that my server run 1.2 tls and they proved it. The paypal module is updated. So what is that issue?

Edited April 29, 2016 by Marco X (see edit history)

[Dh42]

If they are using .98c, it makes me wonder if they are using Cent 5. That would be a bring problem because Cent 5 doesn't support TLS 1.2.

[Marco X]

Thanks for the answers guys! 

I'm a bit worried because there are no official news from PrestaShop so I think it will be a long, long waiting. 

 

This problem has also a large impact on lots of prestashop customers, isn't it?

[tsunamisurfing]

Hello guys,

same problem here. I hope the community will get an solution as soon as possible because all our e-shops can't work without Paypal... 

[Marco X]

Today with PayPal v3.10.8 - da PrestaShop:
 
No more red error message!

 

 

I'm going to test it with some payments as soon as possible!

 

[kolazero]

Great news, waiting for test results!

[eleazar]

Today with PayPal [/size]

v3.10.8 - da PrestaShop:

 

No more red error message!

 

 

I'm going to test it with some payments as soon as possible!

 

Congrats!

However, my cloud testshop configuration (btw. still not updated from 1.6.1.1 by service team) from today still reports:

OpenSSL support enabled

OpenSSL Library Version OpenSSL 0.9.8o 01 Jun 2010

OpenSSL Header Version OpenSSL 0.9.8o 01 Jun 2010

[selectshop.at]

I suppose it is a problem of the Prestashop Version in use. On mine cloud PS 1.6.1.3 no errors too.

 

 

[dacct]

How to check which versions of TLS and HTTP are being used by my store?

[Dh42]

You should ask your host, they can tell you.

[bellini13]

Assuming this is Prestashop Cloud, then Prestashop is your host.

[meriscon]

I have this problem 

 

Notice in Zeile 69 der Datei /customers/7/0/2/meriscon.com/httpd.www/artshop/modules/paypal/classes/TLSVerificator.php
[8] Undefined property: stdClass::$tls_version

 

 

PLEASE HELP!!!

[espacious]

Any info on this?

Tls verification failed. TLS version is not compatible.

Paypal ver. 4.4.4

Prestashop ver. 1.7.5.1

php 7.1.28

We use a plesk server, also in phpinfo.php i found:

Registered Stream Socket Transports

tcp, udp, unix, udg, ssl, sslv3, tls, tlsv1.0, tlsv1.1, tlsv1.2

OpenSSL support	enabled
OpenSSL Library Version	OpenSSL 1.0.1e-fips 11 Feb 2013
OpenSSL Header Version	OpenSSL 1.0.1e 11 Feb 2013
Openssl default config	/etc/pki/tls/openssl.cnf

[SahinSOLMAZ]

18 hours ago, espacious said:

Any info on this?

Tls verification failed. TLS version is not compatible.

Paypal ver. 4.4.4

Prestashop ver. 1.7.5.1

php 7.1.28

We use a plesk server, also in phpinfo.php i found:

Registered Stream Socket Transports

tcp, udp, unix, udg, ssl, sslv3, tls, tlsv1.0, tlsv1.1, tlsv1.2

OpenSSL support	enabled
OpenSSL Library Version	OpenSSL 1.0.1e-fips 11 Feb 2013
OpenSSL Header Version	OpenSSL 1.0.1e 11 Feb 2013
Openssl default config	/etc/pki/tls/openssl.cnf

 

Hello,

• Open your server panel (Plesk),
• Go to domain detail page,
• Find and click the Apache & Nginx Settings,
  
   
• Paste:
  # ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
  
   
• and Save it.
• That's it.

 

[espacious]

Hmm. I was told i have to update curl.

now i have:

cURL Information

7.29.0

Should be at least 7.34.x as the paypal support team told me.

Also thanks for your "how to" but i think i already have TLS1.2 enabled, as you can see in the screenshot or am i wrong?

Registered Stream Socket Transports

tcp, udp, unix, udg, ssl, sslv3, tls, tlsv1.0, tlsv1.1, tlsv1.2

I'm pasting also the email i got from support team if it helps someone:

Quote

Thank you for contacting us, this problem does not come from our module. Following the recent update of the Paypal side, you must ensure that your store is always compatible after the new update. the details are in the following text:

 

PayPal performs security updates on its servers.

 

This security update consists of the following:

1 - Upgrading to TLS 1.2 and HTTP / 1.1: Your server must be able to support these protocols.

 

Note: you will need at least a version of OpenSSL greater than or equal to 1.0.1 and if you use cURL, a version greater than or equal to 7.34.0. 

 

Also verify that your server has Verisign G5 Root certificate: https://knowledge.symantec.com/support/mpki-for-ssl-support/index?page=content&actp=CROSSLINK&id=SO5624

 

2 - Upgrading the SSL Certificate: In order to decrypt the new certificates, your website must be able to support the use of the SHA-256 signature algorithm.

 

==> For the 2 points above, I invite you to contact your host to check if everything is in order.

 

3 - HTTPS Standard for IPN Post Back Checks

This does not mean that your site must be in HTTPS, it just means that when your IPN script sends its response to PayPal, it must use the correct security standards.

To make sure, I invite you to contact the developer of your IPN script to ensure that the connection is done correctly.

 

It is therefore important that you verify that for all API calls as well as for IPN postbacks, your site is able to support these new standards.

 

I invite you to contact your host to ensure that your server has all these prerequisites.

 

In addition, if you use a basket management system, such as Prestashop / WooCommerce / Magento, I invite you to update your modules to ensure compatibility.

 

ATTENTION: However, I want to inform you that you do not need to buy an SSL license for your server and that these prerequisites correspond to updates of your server, neither more nor less.

Indeed an SSL license allows to have a site certified in https but the security update PayPal just asks that your shop is able to communicate with the new PayPal server, which they will have new standards. And for that, it is not necessary to have a site in HTTPS.

 

[bellini13]

35 minutes ago, espacious said:

Also thanks for your "how to" but i think i already have TLS1.2 enabled, as you can see in the screenshot or am i wrong?

Registered Stream Socket Transports

tcp, udp, unix, udg, ssl, sslv3, tls, tlsv1.0, tlsv1.1, tlsv1.2

I'm pasting also the email i got from support team if it helps someone:

 

But you also have ssl, sslv3, tls and tls1.0 enabled.  all of which should be disabled as they are no longer secure protocols.  also with them enabled, paypal may be defaulting to them

[espacious]

Ok now i understand your point, let me try.

[espacious]

On 5/8/2019 at 10:52 AM, SahinSOLMAZ said:

 

Hello,

• Open your server panel (Plesk),
• Go to domain detail page,
• Find and click the Apache & Nginx Settings,
  
   
• Paste:
  # ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
  
   
• and Save it.
• That's it.

 

SahinSOLMAZ seems working OK, Thanks to all!

[selectshop.at]

I close this topic. I'm sure you are not using Prestashop Cloud service. This was quit since February 2017 ! Please feel free to open a new topic with your problem on the active ENGLISH forum section. For Paypal it is this one: https://www.prestashop.com/forums/forum/152-paypal/