FacebookTwitterLinkedIn
Login / Register

Login / Register

IUG FORUM

Stay always connected!
  1. Lee Hemphill
  2. Sierra/ Millennium/ Encore
  3. Thursday, March 16 2017, 08:34 AM
  4.  Subscribe via email
Hi everyone,
I just received an email from our friends at Paypal saying that they will be updating the payflow gateway and will no longer support TLS 1.0 after June 30 of this year (2017).
Has anyone else received this notice?

A year or two ago, Paypal announced this and then backed away from it. Thankfully, they did, because we know (at least at our site) that Ecommerce will not work (all transactions get voided) without TLS 1.0. At that time, I submitted a call to III to update their software, but I have no idea what happened to it.

The questions I have for the group are: does anyone know about TLS and Ecommerce? and
What are others planning to do regarding this announcement from paypal (assuming that Ecommerce will no longer work)?

here is the body of the email I received in case you were interested:


Payflow integration upgrade information.

Lee Hemphill,

Security and safety are top priorities for PayPal, but being a good partner to you is equally important. We announced last year our plans to strengthen our Payflow integration as part of a broader infrastructure security initiative. We’re now sharing more details with you.

Payflow TLS 1.2 endpoint upgrade

Payflow production endpoints are scheduled to be upgraded to TLS 1.2 starting after June 30, 2017. When that happens, we’ll no longer support TLS versions 1.0 and 1.1.

In preparation for the upgrade, you’ll be able to test your integration in the Payflow Pilot environment after February 15, 2017. We strongly encourage you to adjust your configuration and test your integration prior to the Payflow Production upgrade currently scheduled starting after June 30, 2017.

For more information on the Payflow TLS 1.2 upgrade, you can refer to our TLS 1.2 and HTTP/1.1 Upgrade Microsite.
Scheduled change dates provided in this email and on the TLS 1.2 and HTTP/1.1 Upgrade Microsite are subject to change. Please monitor our TLS 1.2 and HTTP/1.1 Upgrade Microsite for the most up-to-date information.
Frequently asked questions

How do I make these changes?

The details on the required changes and how to implement them can be found on our TLS 1.2 and HTTP/1.1 Upgrade Microsite.

What will happen if I don’t make the changes by the due date?


If you haven’t made the necessary changes by the deadline dates, you won’t be able to process payments through the Payflow Gateway. We strongly encourage you to adjust your configuration and test your integration after February 15, 2017 once the Payflow Pilot environment has completed the TLS 1.2 upgrade.

What can I do if I need help with all this information?
We encourage you to contact your web hosting company, e-commerce software provider, in-house web programmer, or system administrator for assistance with these changes, if needed. If not supported, click Help & Contact on any PayPal page or visit the Technical Support Portal to submit a ticket. Select Security Changes (TLS/Certificate) from the Product drop-down menu.
As a leading payment provider, we’re committed to continually investing and innovating to deliver to customers the strongest protection possible. Thank you for your support of our commitment to maintain the highest security standards for our global customers.
Was this email helpful? Please click here to let us know how we're doing at keeping you informed.


hemphill@email.arizona.edu
Comment
We are a millennium site. I have updated our call with III asking for a status. I hope it will be compliant.

hemphill@email.arizona.edu
  1. Lee Hemphill
  2. 1 month ago
There are no comments made yet.
Add Comment
Wes Osborn Accepted Answer
0
Votes
Undo
We were advised to recheck our Silent Post and Return when Silent Post Fails URLs, but those match the iii docs exactly, and all worked fine before our OS upgrade last week.


As a Polaris customer using PayPal integration that broke after our recent upgrade, we were told to reset the PayPal password/tokens on the PayPal site and then re-enter them into our Polaris configuration. We followed those instructions and then things began working again for us. It is probably a long shot for Sierra/Millennium folks, but might be worth a try.

wosborn@clcohio.org
Comment
There are no comments made yet.
Add Comment
Tasha Bales Accepted Answer
0
Votes
Undo
We are also on Millennium and our hosted server was upgraded last week to accomodate the PayPal switch to TLS 1.2. Since then, all Ecommerce transactions are voided.

It sounds like this is a known issue, but only for Sierra. Is that right?

Innovative has not been of any help. However, neither has PayPal. We were advised to recheck our Silent Post and Return when Silent Post Fails URLs, but those match the iii docs exactly, and all worked fine before our OS upgrade last week.

tkeagan@ucsc.edu
Comment
If the fix for millennium is not available yet, I would advise going back to TLS 1.0 - we had TLS upgraded last year to 1.2 and all our transactions in millennium started getting voided, which is how I initially learned that millennium would not work with anything but TLS 1.0. At least for now, until III makes the fix available.
Is the version for Millennium available with the TLS fix?

hemphill@email.arizona.edu
  1. Lee Hemphill
  2. 6 days ago
There are no comments made yet.
Add Comment
Connie Wu Accepted Answer
0
Votes
Undo
Forgot to mention that we're on Sierra 3.0.

cwu@arlingtonva.us
Comment
There are no comments made yet.
Add Comment
  1. more than a month ago
  2. Sierra/ Millennium/ Encore
  3. # 3
Connie Wu Accepted Answer
0
Votes
Undo
Did any of you have your hardware updated? We host our servers onsite, so when we asked about this back in late 2016 when Paypal first sent the notice out, I submitted a III ticket. They put us on the schedule for updating our OS, which included new hard drives. We switched the hard drives out in late January and haven't encountered any issues with Ecommerce since the switch.

cwu@arlingtonva.us
Comment
Yes, we will have to replace drives, scheduled to do so at the end of April. So we'll be down for a minimum of 4-6 hours.

Alison

alison.pruntel@fauquiercounty.gov
  1. Alison Pruntel
  2. 1 month ago
There are no comments made yet.
Add Comment
  1. more than a month ago
  2. Sierra/ Millennium/ Encore
  3. # 4
Eeva Stierwalt Accepted Answer
0
Votes
Undo
Hi Alison! How interesting! iii hasn't told me that they rolled this back for us again! They did it initially and it worked for 1 day, but then they removed the roll back and we've been down since! I'll poke our ticket again and mention this! THANKS! Kind regards, Eeva



eeva.stierwalt@lpl.london.on.ca
Comment
There are no comments made yet.
Add Comment
  1. more than a month ago
  2. Sierra/ Millennium/ Encore
  3. # 5
Alison Pruntel Accepted Answer
0
Votes
Undo
Hi Eeva, per your note about this to the Sierra listserv, I mentioned this to the Alex Tautu (III), who is handling our upgrade to RH6 - that sites who had the OS to support 1.2, ecommerce didn't work. He stated that PayPal re-enabled TLS 1.0 support until III rolls out Sierra 3.1, which has a new version of Java that will work with PayPal and we would be okay. We had to first upgrade OS to RH6 and then upgrade 3.1 by June 30 and there should be no problems. Of course, there doesn't appear to be any "official" word from III on this, so it's confusing.

Alison

Alison Pruntel
Electronic Resources Librarian
Fauquier County Public Library
11 Winchester St.
Warrenton, VA 20186
540.422.8515
http://fauquierlibrary.org

alison.pruntel@fauquiercounty.gov
Comment
We also received a reply from Alex Tautu from III regarding Sierra 3.1 - but I had to tell him we are Millennium..... :-(

hemphill@email.arizona.edu
  1. Lee Hemphill
  2. 1 month ago
Are Millennium customers out of luck? Or maybe the next Millennium update will include whatever is being adjusted in Sierra 3.1 to fix. Would be nice if III would just post an announcement with the details vs. allowing confusion to fester on the listservs (IUG and Sierra). It's ironic that the "Innovative Customer Support Update" call is scheduled today.

alison.pruntel@fauquiercounty.gov
  1. Alison Pruntel
  2. 1 month ago
There are no comments made yet.
Add Comment
  1. more than a month ago
  2. Sierra/ Millennium/ Encore
  3. # 6
  4. View last reply:
Eeva Stierwalt Accepted Answer
0
Votes
Undo
Our eCommerce through PayPal has been down for over a month now. PayPal admitted that they made a communications protocol change around February 13 and we've been down since then. There are about 6 iii customers that I know of in this situation. We are all on different releases of Sierra, but what we do have in common is that our servers all support TLS 1.2. PayPal and iii are in touch with each other about this, though I haven't received an update this week. PayPal actually rolled back their change for 1 day, which allowed us to activate eCommerce. However, the next day, all payments were being voided again! SIGH!

eeva.stierwalt@lpl.london.on.ca
Comment
There are no comments made yet.
Add Comment
  1. more than a month ago
  2. Sierra/ Millennium/ Encore
  3. # 7
Karen Perone Accepted Answer
0
Votes
Undo
Yes, we received the same notice from PayPal and I started investigating. The link for "compliance" that was sent only verified that my PC was compliant for TLS 2.0, not our Sierra server. Here is a link that was given on the Sierra list for info from Innovative:
https://iii.rightanswers.com/portal/app/portlets/results/viewsolution.jsp?page=1&position=1&ismodal=true&solutionid=161216145434240

I have opened a ticket with Innovative and asked about our turnkey Sierra server that was installed in December 2012 and is an M3 machine. Your OS needs to be RH 6.x and some other specifications. Sierra 3.1 will be compliant. If you are on the Sierra list, there are several useful comments there.

flutebrarian@gmail.com
Comment
There are no comments made yet.
Add Comment
  1. more than a month ago
  2. Sierra/ Millennium/ Encore
  3. # 8
  • Page :
  • 1


There are no replies made for this post yet.
Be one of the first to reply to this post!
Guest
Submit Your Response
Upload files or images for this discussion by clicking on the upload button below. Supports gif,jpg,png,pdf,ppt,pptx,doc,docx,xls,xlsx,,txt,rtf,jrxml
• Remove Upload Files (Maximum File Size: 2 MB)
You may insert polls into your post. The poll would then appear in the post.
Vote Options
Captcha
To protect the site from bots and unauthorized scripts, we require that you enter the captcha codes below before posting your question.