PayPal Important Update – SSL Certificate Upgrade

PayPal is upgrading the SSL certificates on their payment notification servers. If your PayPal Checkout Express configuration uses their certificates, you will need to import the new 2048-bit secure certificates. See the email below that was sent out earlier today.

Dear Customer,

In keeping with industry standards set by the Certification Authority/Browser (CA/B) Forum, PayPal will discontinue supporting 1024-bit key length certificates and will migrate to 2048-bit certificates before the end of 2013.

We have completed the installation of 2048-bit certificates for all API endpoints in our PayPal Sandbox and Payflow Pilot environments, and we will be doing the same for our production environments starting on August 6, 2013.

We strongly encourage merchants to thoroughly test any existing integration(s) in the PayPal Sandbox and/or Payflow Pilot environments to ensure this migration will not cause any unforeseen issues.

Please have the team or person responsible for your integration refer to the following:

If you need to import the new PayPal Sandbox and/or Payflow Pilot server certificates to your application or system truststore, you can download production and Sandbox certificates from

If you don’t typically import the server certificates to your truststore, you can proceed with testing with no other action required.

If you have any questions, please contact PayPal Merchant Technical Services by filing a ticket; refer to PP-LIVE-3503. You may also visit our Live Site Status blog.



FYI – If you use a shopping cart like Magento, you wouldn’t need to do anything because they use API signatures instead of certificates.

Menachem Ani

Menachem Ani ()

Online Advertising and eCommerce Expert with over a decade of success developing high-impact marketing strategies for online retailers and lead-generation clients.