[BlueOnyx:22193] Re: TLS 1.2 and HTTP/1.1 Upgrade For PayPal
Michael Stauber
mstauber at blueonyx.it
Mon Jul 2 14:47:31 -05 2018
Hi David,
> Has anyone done the TLS 1.2 and HTTP/1.1 update on BlueOnyx 5106R Series?
>
> I know it's EOL... But is our gateway to paypal.
Yeah, it has been EOL'ed long ago. Please migrate to BlueOnyx 5209R,
which you can do via CMU. The instructions for that are available here:
http://www.blueonyx.it/index.php?page=cmu-migrations
Of course I can provide help with that if need be, although I'm
currently traveling and won't be back in the office until 9th July.
There are a lot of improvements in 5209R that never made it into
5207R/5208R or even 5106R. To begin with we disabled TLSv1.0 and TLSv1.1
in 5209R and only use the best chiffres. Still: As far as Paypal is
concerned the connection between your server and the Paypal API (if you
use the API) needs to be TLSv1.2. Depending on what shop module or
method you use you still might need to adjust it so that TLSv1.2 is
used. However: Typically shop modules use the best available protocol
and chiffres after doing an auto-detect or (if not) you can configure it
somewhere.
The OpenSSL on CentOS5 was simply too old to use some of the goodies
that are now industry standard.
--
With best regards
Michael Stauber
More information about the Blueonyx
mailing list