PA-DSS Admin Session Timeout Enforced not funtional

[timps]

I posted about this here http://www.zen-cart.com/showthread.p...meout-Enforced

First I installed 1.5.4 onto a WinXP with an older version of xampp. Turning off the timeout didn't work. I then looked up system requirements for zc and realized my xampp server was out dated, so on a laptop with Win7 I did the following:

Fresh install of wampserver 2.5:
php 5.5.12
apache 2.4.9
mysql 5.6.17

Downloaded a fresh copy of zencart: zen-cart-v1.5.4-12302014.zip
Installed without any problems (well, I did enter the wrong db pw initially). It warned about no ssl cert though. It's just a local development server.

The ONLY changes made to this install were to immediately go into admin > configuration > timeout = 0 (non-compliant) > timeout seconds = 30 (just for testing).

Result = still getting timed out.

In the other thread another poster claimed to have the same problem on a fresh install. Since these are fresh virgin installations and I'm not the only one, I presume it could very well be a bug.

Code:

---------------
Apr 07 2015 0:51 -- inspect
CURL requires SSL support. Please notify webmaster or hosting company. 60 => SSL certificate problem: unable to get local issuer certificate

---------------
Apr 07 2015 0:51 -- inspect
System Inspection Results: 
------------------------------
NA: Webserver => Apache/2.4.9 (Win32) OpenSSL/1.0.1g PHP/5.5.12
NA: HTTP Host => zenv
NA: Path_Translated => C:/wamp/zen154virg/www/zencart/zc_install/index.php(SCRIPT_FILENAME)
NA: Real Path => C:\wamp\zen154virg\www\zencart
NA: PHP O/S => WINNT
NA: PHP API Mode => apache2handler
NA: PHP Max Execution Time per page => 120
OK: MySQL Support => ON
OK: PHP Version => 5.5.12
OK: PHP Sessions Support => ON
OK: PHP Session.AutoStart => OFF
OK: PHP session.use_trans_sid => OFF
OK: Suggested SQL Cache Folder => C:/wamp/zen154virg/www/zencart/cache
OK: PHP GD Support => ON
OK: GD Version => GD bundled (2.1.0 compatible)
OK: PHP ZLIB Compression Support => ON
OK: PHP OpenSSL Support => ON
OK: PHP cURL Support => ON
OK: CURL NON-SSL Capability => Okay
WARN: CURL SSL Capability => CURL requires SSL support. Please notify webmaster or hosting company. 60 => SSL certificate problem: unable to get local issuer certificate
OK: PHP Upload Support => ON  upload_max_filesize=64M;  post_max_size=3M
OK: PHP Upload TMP dir => c:/wamp/tmp
OK: Apache .htaccess Support => ON
NA: PHP include_path => .;C:\php\pear
NA: PHP SMTP destination => mail.xxx.com
NA: PHP sendmail path => 
NA: PHP sendmail 'from' => [email protected]
OK: PHP open_basedir restrictions => 
OK: PHP Output Buffering (gzip) => ON
OK: PHP XML Support => ON
OK: PHP Session.Save_Path => C:\wamp\zen154virg\www\zencart\cache-->Writeable
OK: includes/configure.php =>  Writeable
OK: admin/includes/configure.php =>  Writeable
OK: cache => OK 777 read/write/execute
OK: images => OK 777 read/write/execute (INCLUDE SUBDIRECTORIES TOO)
OK: includes/languages/english/html_includes => OK 777 read/write (INCLUDE SUBDIRECTORIES TOO)
OK: logs => OK 777 read/write/execute
OK: media => OK 777 read/write/execute
OK: pub => OK 777 read/write/execute
OK: admin/backups => OK 777 read/write
OK: admin/images/graphs => OK 777 read/write/execute
PHP Extensions compiled: Core, bcmath, calendar, ctype, date, ereg, filter, ftp, hash, iconv, json, mcrypt, SPL, odbc, pcre, Reflection, session, standard, mysqlnd, tokenizer, zip, zlib, libxml, dom, PDO, bz2, SimpleXML, wddx, xml, xmlreader, xmlwriter, apache2handler, openssl, curl, com_dotnet, fileinfo, gd, gettext, gmp, imap, mbstring, exif, mysql, mysqli, Phar, pdo_mysql, pdo_sqlite, shmop, soap, sockets, sqlite3, xmlrpc, xsl, mhash, xdebug
------------------------------


---------------
Apr 07 2015 0:51 -- inspect
CURL requires SSL support. Please notify webmaster or hosting company. 60 => SSL certificate problem: unable to get local issuer certificate

---------------
Apr 07 2015 0:54 -- database_setup
FATAL: Connection to Database failed - 

---------------
Apr 07 2015 0:54 -- database_setup1
Installer - Page: database_setup -- collected information: Array
(
    [language] => english
    [DIR_FS_SQL_CACHE] => C:/wamp/zen154virg/www/zencart/cache
    [DB_TYPE] => mysql
    [DB_PREFIX] => zen_
    [DB_CHARSET] => utf8
    [DB_SERVER] => localhost
    [DB_SERVER_USERNAME] => xxx_zen
    [DB_SERVER_PASSWORD] => ***private***
    [DB_DATABASE] => xxx_zen154_2
    [SQL_CACHE_METHOD] => database
)


---------------
Apr 07 2015 0:55 -- database_setup1
Installer - Page: database_setup -- collected information: Array
(
    [language] => english
    [DIR_FS_SQL_CACHE] => C:/wamp/zen154virg/www/zencart/cache
    [DB_TYPE] => mysql
    [DB_PREFIX] => zen_
    [DB_CHARSET] => utf8
    [DB_SERVER] => localhost
    [DB_SERVER_USERNAME] => xxx_zen
    [DB_SERVER_PASSWORD] => ***private***
    [DB_DATABASE] => xxx_zen154_2
    [SQL_CACHE_METHOD] => database
)

[timps]

Ok, this appears to not be a bug but rather a misunderstanding of how it works. As someone else kindly pointed out, throwing this switch merely turns off the maximum setting of 900 seconds, thus allowing a higher setting of say 1800 or 3600 seconds. This really should have been mentioned somewhere in the implementation guide. I just went through the whole thing again and found no mention of exactly how this function works.

[kobra]

It warned about no ssl cert though

Don't know what gateway you are attempting to use BUT most check for SSL