Will PayPal be upgrading THEIR own SSL cert?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
PayPal's very own EV SSL certificate will be distrusted in an upcoming release of the Chrome browser.
The certificate used to load https://www.paypal.com/webapps/hermes?token=XXXXXXXXXXXXXX&useraction=commit&rm=2&mfid=XXXXXXXXXX uses an SSL certificate that will be distrusted in an upcoming release of Chrome. Once distrusted, users will be prevented from loading this resource. See https://g.co/chrome/symantecpkicerts for more information.
Symantec was lazy and issued invalid EV certificates, so Chromium decided to distrust their CA. Symantec ended up selling their PKI business to DigiCert.
Does anyone know when PayPal will be updating their EV certs to avoid disruption of services? The new DigiCert CA to replace Symantec's should be up no later than December 1. Why did PayPal even bother buying a Symtantec EV on 9/21/2017?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Maybe PayPal will become their own CA(!) but, for those running your own website: If you run a PayPal IPN website (or any SSL website for that matter), make sure your certificate is not affected by the Symantec SSL distrust that Chrome has created. There is a test tool available here: Check Your Website for Distrusted Symantec SSL Certificates
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
You don't have to fill out a form and submit your information to anyone. If using Chrome (the browser that is distrusting the certificates), simply hit F12 to go to the Developer Console. There will be a yellow notice "The SSL certificate used to load resources from ___________ will be distrusted in M70."
This notice appears in my Chrome 63. It should have started as far back as Chrome 59. If Chrome is telling you this, why use an additional test tool that will tell you the same thing?
The full BLINK-DEV history of the Chromium discussion.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
This thread died out, but the question remains.
Will PayPal be upgrading their certificates, or should I be taking some other action at this point?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Also would love an answer to this. All of our sites running paypal is throwing the error in Chrome.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
According to Google, the beta for M70 (which I'm guessing means version 70) will be released in Sept 2018, so basically Paypal needs to have updated their SSL by then, otherwise all our sites are going to start throwing warning signs to users. Here's hoping Paypal doesn't leave this until last minute.....
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I would like a reply to this.
GoogleBlog states:
Chrome 66 has already been released to the Canary and Dev channels, meaning affected sites are already impacting users of these Chrome channels. If affected sites do not replace their certificates by March 15, 2018, Chrome Beta users will begin experiencing the failures as well.
If you see this message in DevTools, you’ll want to replace your certificate as soon as possible. If the certificates are not replaced, users will begin seeing certificate errors on your site as early as July 20, 2018. The first Chrome 70 Beta release will be around September 13, 2018.
Why has this not yet been fixed?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
RE:
The SSL certificate used to load resources from https://www.paypal.com will be distrusted in M70. Once distrusted, users will be prevented from loading these resources. See https://g.co/chrome/symantecpkicerts for more information.
Came across this chain while developing with PHP and IPN for a client.
I keep getting warnings of impending doom in Google Chrome as well...
Thought I would chime in and point out a few places we can post about this to make sure it's on their "radar"
https://www.paypal-techsupport.com
https://developer.paypal.com/support/
https://stackoverflow.com/questions/ask
https://www.paypal-techsupport.com/app/utils/login_form?p_next_page=ask
If anyone else has quick links please post.
I assume Paypal knows about the M70 SSL issue, but it's unwise to "assume" anything when it comes to dev...
- « Previous page
-
- 1
- 2
- Next page »
Haven't Found your Answer?
It happens. Hit the "Login to Ask the community" button to create a question for the PayPal community.
- Suspected Fraud in Disputes and claims
- eBay sold item disputed through PayPal in Disputes and claims
- Placed order prior to opening account in Disputes and claims
- Clearence fee??? in Disputes and claims
- Since June 23 and has not been transferred to the link bank account. in Adding and withdrawing money