![]() ![]() They give us test endpoints (sandbox endpoints) to use and they don’t work. You will want to keep your live settings to remain TLS 1. Right now everything is working with paypal as the F5 is configured but my tests are showing that it won’t work after the deadline of the 30th when they switch to new endpoints. You have a few options available, you can ensure that your sandbox environment is TLS 1.2 Compliant. Our SSL offloading is happening on the F5 ( Clients to F5 is secure and from the F5 to the webservers is just plain http) which I read is a pretty normal implantation. The reason I think it does is because the SSL profile that is currently assigned to the Virtual Server for which our website is tied to, is using an SSL cert from GoDaddy that is using sha256.ģ)The reason I set the ssl profile cipher to: DEFAULT:!SSLV3:!TLSV1:!TLSV1_1 is because paypal’s upgrade guide is saying that in order to test using the paypal sandbox endpoints we had to support TLS 1.2. “ (paypal)ġ)I checked to make sure that we have the VeriSign G5 Root cert on the F5 and I do see it under “ssl certificate list” (not sure if that’s where it should go?)Ģ)I think our environment supports the SHA-256 signing algorithm but I’m not exactly sure where to check that. They said we will need to ensure that our environment supports the use of the SHA-256 signing algorithm and discontinue the use of SSL connections that rely on the VeriSign G2 Root Cert. list of protocols is automatically extended with tls1.2 by a next fiddler. These new certificates will be signed using the SHA-256 algorithm and VeriSign’s 2048-bit G5 Root Cert. I am able to access alot of other HTTPs sites (such as Google, Paypal, etc.). “Paypal is in the process of upgrading the SSL certificates used to secure their websites and API endpoints. Maybe I’m barking up the wrong tree all together. ![]() ![]() I’m still getting an error in the log that says “The request was aborted: Could not create SSL/TLS secure channel” Since reading your recommendation I’ve edited my ssl profile cipher to the following : DEFAULT:!SSLV3:!TLSV1:!TLSV1_1
0 Comments
Leave a Reply. |