
Issue Urgent - TLS Issue with paypal

Asentrix

My SSL is causing issues
PayPal is unable to connect to my IPN because of the TLS issues...
Apparently, PayPal can't connect if the server is using/supporting TLS 1.0 and 1.1
I set the minimum to 1.2, yet the issue still remains

I even tried reissuing an SSL certificate afterwards, didn't seem to work
I tried disabling cloudflare and using letsencrypt to see if that would fix it, no luck

Please I beg of you, please help me, I'm completely stumped and I'm losing my mind
Here's what paypal said to me

I looked at the back end logs and we are seeing SSL connect error.
What that means is that your listener is sending TLS 1.1 and TLS 1.0 connections along with TLS 1.2 and TLS 1.3. If our server detects TLS 1.1 and 1.0 presence we will automatically sever the connection and give an SSL connect error.

Have your web developer or web host update your SSL connection to remove TLS 1.1 and 1.0 from the connection.
 
It helps to know what you've tried, and what your current configuration is.

As far as TLS ciphers, you mentioned CF - I'm honestly not familiar with CF's TLS config, but if they support TLS 1.0 and don't provide an option to toggle it, your hands are tied if you use them.
 
Paypal claims my server is sending TLS 1.0 connections
On cloudflare I have it set to minimum TLS version 1.2

I've tried basically everything you can think of
 
Please run a test on SSL Server Test (Powered by Qualys SSL Labs) to see what TLS/SSL versions your server *really* uses.

The article that IgorG has presented, gives an example how to activate a certain protocol. But did you actually *deactivate* TLS 1.0 and 1.1? Can you show us a report that confirms that?
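
A local cross-check for the question raised in the last reply, added here as an example and not posted by anyone in the thread: it pins one TLS version per handshake and reports whether the endpoint completes it. The names `probe` and `scan` and the status strings are assumptions of this example, and the local OpenSSL build must still include TLS 1.0/1.1 or those probes report "rejected" regardless of the server. Behind a proxy such as Cloudflare the result describes the proxy's edge, not the origin server.

```python
import socket
import ssl
import warnings

# PayPal's message names TLS 1.0 and 1.1 as the versions that must not be offered.
VERSIONS = {
    "TLSv1.0": ssl.TLSVersion.TLSv1,
    "TLSv1.1": ssl.TLSVersion.TLSv1_1,
    "TLSv1.2": ssl.TLSVersion.TLSv1_2,
    "TLSv1.3": ssl.TLSVersion.TLSv1_3,
}

def probe(host, port, version, timeout=5.0):
    """Try one handshake pinned to `version`; return a status string."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False       # only the protocol version is under test,
    ctx.verify_mode = ssl.CERT_NONE  # so certificate validation is skipped
    try:
        with warnings.catch_warnings():
            warnings.simplefilter("ignore", DeprecationWarning)
            ctx.minimum_version = version
            ctx.maximum_version = version
        if version < ssl.TLSVersion.TLSv1_2:
            # Modern OpenSSL blocks TLS 1.0/1.1 at its default security level.
            ctx.set_ciphers("DEFAULT:@SECLEVEL=0")
    except (ValueError, ssl.SSLError):
        return "unsupported-locally"
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except OSError:
        return "unreachable"
    try:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return "accepted" if tls.version() else "rejected"
    except (ssl.SSLError, OSError):
        return "rejected"   # handshake did not complete at this version

def scan(host, port=443):
    """Probe every version in VERSIONS against host:port."""
    return {name: probe(host, port, v) for name, v in VERSIONS.items()}

if __name__ == "__main__":
    # "example.com" is a placeholder; use the hostname PayPal posts the IPN to.
    for name, status in scan("example.com").items():
        print(f"{name}: {status}")
```

Any "accepted" on the TLSv1.0 or TLSv1.1 line means the legacy protocol is still enabled on whatever answers at that hostname and port.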
 