Problem/Motivation

Analogous to #2380629: Paypal dropping support for SSL. TLS required. in other module, and as per Paypal announcement to drop SSL support on Dec 3rd, and given that curl uses SSL by default if not explicitly told, it is required to set TLS manually as recommended by paypal.

Proposed resolution

Set TLS explicitly.

Remaining tasks

Add a patch.

User interface changes

None.

API changes

None.

Data model changes

None.

CommentFileSizeAuthor
#2 use-tls.patch617 bytesmarvil07

Comments

marvil07 created an issue. See original summary.

marvil07’s picture

marvil07 commented
Assigned: marvil07 » Unassigned
Status: Active » Needs review
StatusFileSize
new use-tls.patch617 bytes

Here the related patch, it will be critical on the mentioned deadline.

torgospizza’s picture

torgospizza
he/him
Primary language English
Location Portland, OR
commented
Priority: Major » Critical
Status: Needs review » Reviewed & tested by the community

Works for me. This is critical and should be committed before December 3rd, otherwise Commerce shops using PayPal will have some trouble.

mstrelan’s picture

mstrelan commented

I believe the new deadline is Jan 14, 2016 for the sandbox and Jun 17, 2016 for production.
https://www.paypal-knowledge.com/infocenter/index?page=content&id=FAQ1913

mrchristophy’s picture

mrchristophy commented

I'm running into this problem today on my Paypal WPP sandbox account. I've tried the patch but I'm still receiving an error. See my issue: https://www.drupal.org/node/2655868#comment-10782140

dimchich’s picture

dimchich commented

I have same problems,
My drupal site runs on php 5.4.45 and openssl is 1.0.1 and curl is 7.22.0
Seems that there are no constants CURL_SSLVERSION in php < 5.5
More than that if i use 1 instead of CURL_SSLVERSION_TLSv1 or 6 instead of CURL_SSLVERSION_TLSv1_2 paypal not works

Nate_P’s picture

Nate_P commented

If you are still receiving the error, you most likely need to install a more recent version of cURL. We run a CentOS 6 webserver, and the following instructions fixed the error for us:

https://www.digitalocean.com/community/questions/how-to-upgrade-curl-in-centos6

This is along with only using the changes according to the patch here.

A quick Google search on updating cURL with your server version should help you find the correct repos and such to install from.

Hope that helps!

rreiss’s picture

rreiss commented

Also related to https://www.drupal.org/node/2263585#comment-11206959 .
I've created a patch which handles this issue and the HTTP version issue as well.

rsbecker’s picture

rsbecker commented
Status: Reviewed & tested by the community » Active

This patch did not work for me. But the following did.

curl_setopt($ch, CURLOPT_SSLVERSION,6); // 6 is TLS 1.2
andyg5000’s picture

andyg5000
Primary language English
Location North Carolina, USA
commented
Status: Active » Needs work

Need to make sure all sub modules are updated and the integer value as described in #9 should be used.

andyg5000’s picture

andyg5000
Primary language English
Location North Carolina, USA
commented
Status: Needs work » Closed (duplicate)
Related issues: +#2263585: Paypal enforcing HTTP/1.1 on sandbox - update client method

Duplicate of #2263585: Paypal enforcing HTTP/1.1 on sandbox - update client method