Mobile app version of vmapp.org
Login or Join
Deb1703797

: ACTION MAY BE REQUIRED: PayPal service upgrades for merchants I recently received an email from PayPal asking us to upgrade SSL. Discontinue use of the VeriSign G2 Root Certificate.

@Deb1703797

Posted in: #Godaddy #Https #Paypal #SecurityCertificate

I recently received an email from PayPal asking us to upgrade SSL.



Discontinue use of the VeriSign G2 Root Certificate. In accordance
with industry standards, PayPal will no longer accept secure
connections that are signed by the VeriSign G2 Root Certificate.
Only secure connection requests that are expecting our
certificate/trust chain to be signed by the G5 Root Certificate will
result in successful secure connections.
Update your integration to support certificates using the SHA-256
algorithm. PayPal is upgrading SSL certificates on all Live and
Sandbox endpoints from SHA-1 to the stronger and more robust SHA-256 algorithm.



I'm using GodDaddy SSL. I clicked the green lock icon, and it shows the SSL is issued by GoDaddy Secure Certificate Authority - G2. Should I upgrade my certification? If yes; How do I upgrade it?

10.02% popularity Vote Up Vote Down


Login to follow query

More posts by @Deb1703797

2 Comments

Sorted by latest first Latest Oldest Best

 

@Berumen354

It seems that GoDaddy Secure Certificate Authority - G2 already refers to a SHA-2 certificate. If you are not sure, you should check in your hosting account to check which algorithm is being used by your certificate.

10% popularity Vote Up Vote Down


 

@Kimberly868

If you contact GoDaddy support they will be able to re-issue your SSL certificate using the latest root certificates and algorithms etc.

I can't confirm whether or not their latest algorithms will satisfy the requirements of PayPal but it seems very likely, you should ask them - perhaps copy+paste that message into a live support chat with one of their support agents after logging in to their control panel.

The same principle applies to anyone with an SSL certificate, it is worth periodically checking with the vendor if a newer version of it with more secure algorithms etc could be available to you. Updates to your purchased SSL certificate during the purchased certificate period never cost extra.

10% popularity Vote Up Vote Down


Back to top | Use Dark Theme