Enabled Checks for TLSv1.2 support.

- Update your configurations to use `tls` instead of `sandbox` to verify server support
paypal · Dec 9, 2015 · b2dd662 · b2dd662
1 parent 83293b3
commit b2dd662
Show file tree

Hide file tree

Showing 4 changed files with 13 additions and 1 deletion.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,8 @@
 ### CHANGELOG
 
+####Version 3.9.1 - Dec 9, 2015
+   - Added TLSv1.2 Endpoint support
+
 ####Version 3.9.0 - Sep 22, 2015
    - Updated IPN Endpoint
 

diff --git a/README.md b/README.md
@@ -2,6 +2,11 @@
 
    The merchant SDK can be used for integrating with the Express Checkout, Mass Pay, Web Payments Pro APIs.
 
+## TLSv1.2 Update
+> **The [PCIv3.1 DSS (PDF)](https://www.pcisecuritystandards.org/documents/PCI_DSS_v3-1.pdf) mandates (p.46) that TLSv1.0 be retired from service by June 30, 2016. All organizations that handle credit card information are required to comply with this standard. As part of this obligation, PayPal is updating it's services to require TLSv1.2 for all HTTPS connections. [Click here](https://github.paypal.com/SDK-R/tls-update) for more information**
+
+> A new `mode` has been created to test if your server/machine handles TLSv1.2 connections. Please use `tls` mode instead of `sandbox` to verify. You can return back to `sandbox` mode once you have verified. Please have a look at this [Sample Configuration](https://github.com/paypal/merchant-sdk-php/blob/namespace-php5.3/samples/Configuration.php#L10-15).
+
 ## POODLE Update
 - Because of the Poodle vulnerability, PayPal has disabled SSLv3. 
 - To enable TLS encryption, the changes were made to [PPHttpConfig.php](https://github.com/paypal/sdk-core-php/blob/namespace-5.3/lib/PayPal/Core/PPHttpConfig.php#L11) in [SDK Core](https://github.com/paypal/sdk-core-php/tree/namespace-5.3) to use a cipher list specific to TLS encryption.

diff --git a/lib/PayPal/Service/PayPalAPIInterfaceServiceService.php b/lib/PayPal/Service/PayPalAPIInterfaceServiceService.php
@@ -71,7 +71,7 @@ class PayPalAPIInterfaceServiceService extends PPBaseService {
 	protected static $SDK_NAME = "merchant-php-sdk";
 
 	// SDK Version
-	protected static $SDK_VERSION = "3.9.0";
+	protected static $SDK_VERSION = "3.9.1";
 
     /**
     * @param $config - Dynamic config map. This takes the higher precedence if config file is also present.

diff --git a/samples/Configuration.php b/samples/Configuration.php
@@ -7,7 +7,11 @@ public static function getConfig()
 		$config = array(
 				// values: 'sandbox' for testing
 				//		   'live' for production
+                //         'tls' for testing if your server supports TLSv1.2
 				"mode" => "sandbox",
+                // TLSv1.2 Check: Comment the above line, and switch the mode to tls as shown below
+                // "mode" => "tls"
+
                 'log.LogEnabled' => true,
                 'log.FileName' => '../PayPal.log',
                 'log.LogLevel' => 'FINE'