Forcing Payment Gateway to Use TLS 1.2

For general questions and discussions specific to the AbleCommerce 7.0 Asp.Net product.
Post Reply
moustafa
Lieutenant (LT)
Lieutenant (LT)
Posts: 54
Joined: Wed Oct 19, 2011 9:54 pm

Forcing Payment Gateway to Use TLS 1.2

Post by moustafa » Sun Apr 03, 2016 7:16 pm

Hi there,

We're using PayPal Payflow as our payment gateway.

PayPal's new requirements are that we have to use TLS 1.2 for all connections to them.

This will involve the following:

1. Moving the installation to a server running an OS that supports TLS 1.2 (e.g. Windows 2008 R2).
2. Moving AC 7 to use ASP.NET 4.x. Right now, it's running on 2/3.5.
3. Disabling all versions of SSL and TLS earlier than 1.2.

Does this seem like a reasonable plan? Is there anything missing here?

Also, what would be involved in moving AC 7 to ASP.NET 4.x? Is there a guide somewhere online?

Thanks,
Moustafa

User avatar
Shopping Cart Admin
AbleCommerce Admin
AbleCommerce Admin
Posts: 3055
Joined: Mon Dec 01, 2003 8:41 pm
Location: Vancouver, WA
Contact:

Re: Forcing Payment Gateway to Use TLS 1.2

Post by Shopping Cart Admin » Mon Apr 04, 2016 4:38 am

Hello Moustafa,

Yes 1 and 2 will be needed.

3. Wouldn't be needed since the negotiation is handled automatically and if they don't have 1.0/1.1 then 1.2 will be used.

You can check the install/framework directory to find web.config files for other versions of .net.

SR1 included support for .net 4.0
http://help.ablecommerce.com/upgrades/a ... hanges.htm
Thanks for your support

Shopping Cart Guru
AbleCommerce.com
Follow us on Facebook

moustafa
Lieutenant (LT)
Lieutenant (LT)
Posts: 54
Joined: Wed Oct 19, 2011 9:54 pm

Re: Forcing Payment Gateway to Use TLS 1.2

Post by moustafa » Tue Apr 05, 2016 12:10 am

Thanks!

Post Reply