moodybear Posted November 24, 2014 Share Posted November 24, 2014 Logging into PayPal it informs me I need to change setting on my site for continuation in taking trasanctions... ANy Advise on this would be helpful on WHERE exactly to make the chance and ensure there is no break in the sales I have. Or if any changes need to be made at all? Many Many Thanks in advance Quote Link to comment Share on other sites More sharing options...
bsmither Posted November 24, 2014 Share Posted November 24, 2014 According to >this announcement, there is no need for CubeCart owners to edit any CubeCart code. The onus is on the server administrator to deal with SSL/TLS. Quote Link to comment Share on other sites More sharing options...
danielkehorne Posted December 1, 2014 Share Posted December 1, 2014 I'm admining a site where the host has no plans to disable SSL3. Their response when asked about this was:- 'we wouldn't be able to disable SSL3 even temporarily, as this might have unintended consequences for other users on the server. It might be worth asking CubeCart if they have any way of forcing the transaction with Paypal to be TLS-only, within the code.' Any suggestions as to if there is a way to do this? I'm admining a site where the host has no plans to disable SSL3. Their response when asked about this was:- 'we wouldn't be able to disable SSL3 even temporarily, as this might have unintended consequences for other users on the server. It might be worth asking CubeCart if they have any way of forcing the transaction with Paypal to be TLS-only, within the code.' Any suggestions as to if there is a way to do this? I'm admining a site where the host has no plans to disable SSL3. Their response when asked about this was:- 'we wouldn't be able to disable SSL3 even temporarily, as this might have unintended consequences for other users on the server. It might be worth asking CubeCart if they have any way of forcing the transaction with Paypal to be TLS-only, within the code.' Any suggestions as to if there is a way to do this? Quote Link to comment Share on other sites More sharing options...
danielkehorne Posted December 1, 2014 Share Posted December 1, 2014 I'm admining a site where the hosting company has no intention of disabling SSL. This is their response:- 'we wouldn't be able to disable SSL3 even temporarily, as this might have unintended consequences for other users on the server. It might be worth asking CubeCart if they have any way of forcing the transaction with Paypal to be TLS-only, within the code.' Any suggestions? Quote Link to comment Share on other sites More sharing options...
bsmither Posted December 1, 2014 Share Posted December 1, 2014 From reading how other shopping cart programs are advising their users to deal with SSL/TLS, I conclude that the cURL library used by PHP (if at a recent version) auto-negotiates with the remote server (PayPal) for the best and highest version of encryption to use. That is to say, because CubeCart does not tell cURL which type/version of encryption to use, cURL is free to ask PayPal if it can do this, and if not, then try this other, and if not, then try .... I have looked only in the module gateway.class.php file, not in any of the plugin files for PayPal. Are you, in fact, currently experiencing errors when trying to pay by PayPal? Quote Link to comment Share on other sites More sharing options...
danielkehorne Posted December 2, 2014 Share Posted December 2, 2014 Hi, No not currently experiencing errors on regular payments, but when we put Paypal into sandbox mode it does fail. So this makes me worry it's using SSL3. Quote Link to comment Share on other sites More sharing options...
Toucan Web Design Posted December 2, 2014 Share Posted December 2, 2014 Just to check, did you set up a sandbox account with different details? They use a different encryption password and id and whatnot usually.. by the looks of things they've simplified it since last time I touched it, you should be able to quickly clone your live details into the sandbox mode one But yes, if you've hooked that up, then a little worrying if it's failing on sandbox.. does it give a specific error, or is it generic? Quote Link to comment Share on other sites More sharing options...
danielkehorne Posted December 2, 2014 Share Posted December 2, 2014 Thanks a lot Toucan, I had been trying sandbox using the normal details. Just tried sandbox with some test details from Paypal and it worked. Thanks for the help. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.