OSDonate and PayPal Users: You Must Get an SSL Certificate

If you're using OSDonate (or any software that integrates with PayPal), your site needs to use a valid SSL certificate with TLS 1.2 protocol starting Saturday, June 30.

PayPal has a post on their blog with details on this important change.

Here's the important section of the PayPal post:

Merchants and partners use HTTPS to securely connect with PayPal’s servers. We use the Transport Layer Security (TLS) protocol to encrypt these communications. To ensure the security of our systems and adhere to industry best practices, PayPal is updating its services to require TLS 1.2 for all HTTPS connections. At this time, PayPal will also require HTTP/1.1 for all connections.

That's a lot of technical jargon. What does it mean in plain English? It means that starting in July, any site that tries to process PayPal payments without an SSL certificate with TLS 1.2 and HTTP/1.1 will be refused. It will be impossible to use PayPal if your site doesn't comply with these requirements.

Help! I don't have an SSL!

Don't worry. The days of expensive SSL certificates are gone.

This post explains how to get a free SSL certificate with Let's Encrypt.

This post explains the pros and cons of using an SSL certificate for your site.

I have an SSL certificate but I don't know if TLS 1.2 is supported

If your site already has a valid SSL certificate but you're not sure if TLS 1.2 is supported, go to this SSL online checker.

  1. Type your site URL in the hostname field, then press enter key.
  2. Wait until the process finishes. It may take a while.
  3. Scroll down and look in the "Configuration" section. If the value for TLS 1.2 protocol is "yes" in green color, you are fine. If not, you need to contact your hosting provider to know how to upgrade to TLS 1.2.

tls12


About the author

Steve is the CEO of Joomlashack. Originally from the UK, he now lives in Sarasota in the USA. Steve's work straddles the line between teaching and web development.