Paypal Handshake Issue


#1

Hi SSL Certificates newb here.

Recently, Paypal implemented an upgrade to SHA 256 and everything just went downhill for me when using the sandbox. When using the IPN tester, I get this error “IPN was not sent, and the handshake was not verified. Please review your information.” Which means that cURL encountered an error connecting to SSL. My beta site is working well on LE HTTPS. But it seems Paypal has problems completing a handshake and does not allow my IPN script to commence.

I’m using NGINX over Apache and assigned the key and the bundled certificate. Paypal uses a Symantec Class 3 Secure Server CA - G4 certificate. It seems that it requires the same class of certificate (or a compatible one) to complete the handshake, at least that’s how I understand it.

Let me know what you guys think. Am at my wits end…

Note that my test server is using an ‘extension’ of the original LE certificate. If that matters.

Thanks guys.


#2

Hi @olivieragustin,

Did you check your site with the Qualys SSL Labs scanner? It can report on misconfigurations (if any).

What do you mean by “an extension” of the certificate?

Can you check with PayPal about specific technical requirements for this application? Do they have documentation about what their requirements are or often any technical support?