Paypal SSL TLS 1.2 and HTTP1.1 update notice

annex
New Community Member
Posted on
‎Jun-22-2018 09:05 AM

Any of you guys got any emails from paypal about this?

Not sure what I need to do to confirm if I'm covered for the TLS 1.2 and HTTP1.1 update.

 

I think my server already supports it. 

I've used this git repo (https://github.com/paypal/TLS-update#php) to run the check on my production server and received a connection ok confirmation.

 

Any of you guys have any insight or advise about this ?

 

 

Thanks

 

Login to Me Too
Login to Reply or Kudo
1 REPLY 1

Anonymous_User
Not applicable
‎Jun-22-2018 09:19 AM

From what I've seen, most host providers have taken care of the updates or will shortly finish.  If you're using a 3rd party service or host provide, you're probably fine.   For many people the only thing they do is ensure that their browser or browsers are up to date.   If you're managing your own server, then it's up to you or your IT people to ensure your system is good to go.   For those who are not sure what this is all about, here's a few details:

 

Many web based services including PayPal are or have been updating their site security Transport Layer Security – or TLS – from TLS 1.0 to TLS 1.1.   The Transport Layer Security (TLS) is a cryptographic protocol used to establish a secure communications channel between two systems.   It is used to authenticate one or both systems, and protect the confidentiality and integrity of information that passes between systems including things as email, Internet faxing, and other data transfers.   To ensure the security of your personal information, your web browser also needs to be compatible with the new protocol. Browsers that don’t support TLS v1.1 or v1.2 will not be able to view any site that has upgraded to TLS 1.1.

The following browsers support the security changes and no action is required on your part:

    Internet Explorer 11 (Desktop & Mobile)
    Internet Explorer 8,9,10 (Desktop – Compatible but not enabled by default)
    Firefox 27 and higher
    Google Chrome 38 and higher
    Google Android 5.0 and higher
    Safari 7 on OSX 10.9 (Mavericks) Desktop and higher
    Safari 5 on iOS 5 Mobile and higher
    Edge

The following operating systems are not compatible with TLS 1.1 or higher and it's recommended that you upgrade your operating system to a supported system:

    Windows XP
    Windows Vista
    Server 2008
    Server 2003


Notes:
* If you're currently using Internet Explorer 7 or earlier – You must upgrade your browser
* If you're currently using Google Chrome – You must have have Windows 7 or a newer operating system
* If you're currently using Firefox version 26 or earlier – You must have Windows XP Service Pack 2 or newer
* If you're currently using Safari – versions older than 7 on OSX 1.9 (Mavericks) – TLS 1.1 and TLS 1.2 are not supported,
so you must use Google Chrome for MAC

Login to Me Too
Login to Reply or Kudo

Haven't Found your Answer?

It happens. Hit the "Login to Ask the community" button to create a question for the PayPal community.