By June 2018, PayPal is upgrading the protocols used to secure all external connections made to their systems. Transport Layer Security version 1.2 (TLS 1.2) and Hypertext Transfer Protocol version 1.1 (HTTP/1.1) will become mandatory for communication with PayPal servers. Does billing PayPal payment plugin support TLS 1.2?
TLS algorithm is used by default for secure connection and support of TLS 1.2 version depends only on the installed cURL library on billing application node.
It is possible to check if the currently installed CURL library supports TLS 1.2 by using the instructions provided by PayPal in a "Technical Details" section of the document located at the PayPal website https://www.paypal.com/webapps/mpp/tls-http-upgrade:
Run the following command from a billing application node:
# curl https://tlstest.paypal.com
A successful connection to
https://tlstest.paypal.com will return an HTTP 200 response with the following text in the body: "PayPal_Connection_OK".
On failure: One of the following errors will occur depending on what your system does not support:
- HTTPS – tlstest.paypal.com will return an HTTP 400 response with the following text in the body: "ERROR! Connection is not HTTPS. Please use https://tlstest.paypal.com"
- HTTP/1.1 - tlstest.paypal.com will return an HTTP 400 response with the following text in the body: "ERROR! Connection is using HTTP/1.0 protocol. Please use HTTP/1.1"
- TLS 1.2 (SHA-256) - An SSL connection error will be thrown by your code.