RobertBlas Posted October 13, 2005 Share Posted October 13, 2005 Hi I have paypal IPN 1.1, ccgv 5.14 I have an ssl server like so : https//mysite.com/ question 1) do I need to bother with OSC's paypal ipn encryption since both my site and paypal use encryption? My hunch is that it would help to prevent spoofing but some confirmation or other reasons would help me understand the purpose. question 2) I have the contribution working but I can NOT get the encryption to work. Paypal says that "the email address is not present in the encrypted blob". I have tried doing the certs several times and in several different ways using openssl. I found a posting suggesting like this openssl genrsa -des3 -out privkey.pem 2048 openssl req -new -x509 -key privkey.pem -out cacert.pem -days 1095 and the paypal documentation says like this openssl genrsa -out my-prvkey.pem 1024 openssl req -new -key my-prvkey.pem -x509 -days 365 -out mypubcert.pem In both cases when I upload the public cert to my account profile in paypal under encrypted settings, paypal seems to be able to read the email. But, when I go through the checkout process, after confirmation I get the encrypted blob errror message from paypal. I have read posts, that people have resolved the encrypted blob problem by having the host give them a certificate. But there were then questions about what to actually ask of the host. Should I ask for a private and a public key?? How will they know the email account that paypal uses to identify the payee? Is the email address one puts into the open ssl public certificate the same as the vendor email address?? Thanks for any assistance. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.