Jump to content
Sign in to follow this  
jacobsag

PayPal Standard and Encrypted Web Payments

Recommended Posts

I'm adding PayPal Web Payments Standard as an option to my OS Commerce cart. Do I need to enable encrypted web payments? One would assume so. I already have an SSL certificate. Can I simply point the module settings to my existing private key and public certificate?

Share this post


Link to post
Share on other sites

If you're using paypal payment buttons generated from paypal website, encrypted web payments must be enabled including certs and keys. Other than that, your email will suffice.

Share this post


Link to post
Share on other sites

I'm not using buttons generated from PayPal's site.

 

What is the point of having encrypted web payments if my email will suffice?

 

In order to enable encrypted web payments I read that "OpenSSL must be supported by your PHP installation". I have an SSL certificate with GoDaddy; will that work?

Edited by jacobsag

Share this post


Link to post
Share on other sites
I'm not using buttons generated from PayPal's site.
If that's the case, you don't need to enable it (see post #2 above).

 

In order to enable encrypted web payments I read that "OpenSSL must be supported by your PHP installation".
Yes, that is correct.

 

I have an SSL certificate with GoDaddy; will that work?
It's good you have a SSL cert. If properly configured in your server and in the configure.php files, it will encrypt the parts of your store such as login, create account, checkout, etc. Your customer's data is not transmitted in clear text. Once your customers have been transferred to paypal for payment, paypal has their own SSL cert to secure their site for financial transactions.

 

What is the point of having encrypted web payments if my email will suffice?
->This should help.

Share this post


Link to post
Share on other sites

Gotcha, I believe I understand now. So if I already have an SSL certificate properly configured there would be no need to enable encrypted web payments, right?

Edited by jacobsag

Share this post


Link to post
Share on other sites

Gotcha, I believe I understand now. So if I already have an SSL certificate properly configured there would be no need to enable encrypted web payments, right?

Your site SSL cert has nothing to do with encrypted web payments and vice-versa. You still need SSL as I descibed above and that is to encrypt customer information while on your web site.

 

Encrypted web payment in conjunction with public/private cert and keys work to prevent other people from tampering paypal payment buttons, assuming you're using them. Obviousdly, you're not.

 

Enabling encrypted web payment does NOT encrypt customer information.

 

Use the link I provided above. You'll see that setting up "paypal website payments standard" has nothing to do with public/private certificates and keys. They only come into play when you're using paypal payment butons.

 

For the purpose of this specific thread,

 

encrypted web payment and SSL = salads and dolphins <--NO RELATION

Share this post


Link to post
Share on other sites

Can i add 2 further questions to this please?

 

I'm using oscommerce v2.2.

 

1. Are the buttons that came with it already encrypted or do i still need to use Paypal's button factory to create encrypted buttons?

 

I have set up my private key, added my public cert to paypal. and am using paypal's website payment standard. (installed it via oscommerce's admin module)

 

but i got an error message at payments page.

 

(See below error message)

 

Warning: fopen(/usr/OpenSSL/tempfolder/437033-2-data.txt) [function.fopen]: failed to open stream: No such file or directory in D:\babylaughssg\catalog\includes\modules\payment\paypal_standard.php on line 331

 

Warning: fwrite(): supplied argument is not a valid stream resource in D:\babylaughssg\catalog\includes\modules\payment\paypal_standard.php on line 332

 

Warning: fclose(): supplied argument is not a valid stream resource in D:\babylaughssg\catalog\includes\modules\payment\paypal_standard.php on line 333

 

Warning: file_get_contents(/usr/OpenSSL/bin/bblsgpublic-cert.pem) [function.file-get-contents]: failed to open stream: No such file or directory in D:\babylaughssg\catalog\includes\modules\payment\paypal_standard.php on line 338

 

Warning: file_get_contents(/usr/OpenSSL/bin/bblsg-prv-key.pem) [function.file-get-contents]: failed to open stream: No such file or directory in D:\babylaughssg\catalog\includes\modules\payment\paypal_standard.php on line 338

 

Warning: openssl_pkcs7_sign() [function.openssl-pkcs7-sign]: error getting private key in D:\babylaughssg\catalog\includes\modules\payment\paypal_standard.php on line 338

 

Warning: unlink(/usr/OpenSSL/tempfolder/437033-2-data.txt) [function.unlink]: No such file or directory in D:\babylaughssg\catalog\includes\modules\payment\paypal_standard.php on line 340

 

Warning: file_get_contents(/usr/OpenSSL/tempfolder/437033-2-signed.txt) [function.file-get-contents]: failed to open stream: No such file or directory in D:\babylaughssg\catalog\includes\modules\payment\paypal_standard.php on line 343

 

Warning: fopen(/usr/OpenSSL/tempfolder/437033-2-signed.txt) [function.fopen]: failed to open stream: No such file or directory in D:\babylaughssg\catalog\includes\modules\payment\paypal_standard.php on line 347

 

Warning: fclose(): supplied argument is not a valid stream resource in D:\babylaughssg\catalog\includes\modules\payment\paypal_standard.php on line 349

 

Warning: file_get_contents(/usr/OpenSSL/bin/paypal_cert.pem) [function.file-get-contents]: failed to open stream: No such file or directory in D:\babylaughssg\catalog\includes\modules\payment\paypal_standard.php on line 353

 

Warning: unlink(/usr/OpenSSL/tempfolder/437033-2-signed.txt) [function.unlink]: No such file or directory in D:\babylaughssg\catalog\includes\modules\payment\paypal_standard.php on line 355

 

Warning: file_get_contents(/usr/OpenSSL/tempfolder/437033-2-encrypted.txt) [function.file-get-contents]: failed to open stream: No such file or directory in D:\babylaughssg\catalog\includes\modules\payment\paypal_standard.php on line 358

 

Warning: unlink(/usr/OpenSSL/tempfolder/437033-2-encrypted.txt) [function.unlink]: No such file or directory in D:\babylaughssg\catalog\includes\modules\payment\paypal_standard.php on line 362

 

My website eshop is at www.babylaughs.com.sg/catalog

 

2. What can be wrong?

Thanks,

Sally

 

 

Thank you.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×