Magento 1.9 is giving this warning:
Your current version of cURL php5 module is 7.29.0, which can prevent services that require TLS v1.2 from working correctly. It is recommended to update your cURL php5 module to version 7.34.0 or higher.
Does this mean that PayPal will break for sure after 30th of june or isn't that true? Because PayPal will be requiring TLS v1.2, but does cURL has to be 7.34.0 for that?
On SSL labs it's saying that the configuration supports TLS v1.2
分享 Yes, To avoid any disruption of service, you must verify that your systems
are ready for this change by June 30, 2017
Why is PayPal making this change?
PayPal is upgrading all external endpoints used by merchants and partners to make programmatic connections. One of these changes is only allowing the use of HTTPS when connecting with PayPal systems to ensure that all information is securely transmitted. IPN messages contain sensitive information about your customers and their transactions that should only be passed securely.
What are the upgraded security standards that PayPal is moving to for all external endpoints?
PayPal is upgrading all of its external endpoints to the latest industry standards:
• HTTP 1.1 or newer
• HTTPS only
• TLS 1.2 or newer only
• 2048-bit, SHA-256 certificates signed with VeriSign’s G5 root
LibCurl
The source of the issue is your version of libcurl. libcurl versions earlier than 7.34 use TLS 1.1 or earlier by default.
To determine the version of libcurl you’re running, enter the following command on the server that processes PayPal transactions:
curl --version
If the version is earlier than 7.34, continue with the next section (solution). If you’re already running version 7.34 or later, no action is necessary.
Check the solution here
分享
