PayPal and VeriSign G5 Root Certificate upgrade

**incircolo** · 18 Apr 2016, 09:02 AM

Something is not clear to me.
PayPal now require to leave the G2 Root Certificate from Verisign and obtain a G5 Certificate.
Ok... but on my server i use a RapidSSL SHA256 CA - G3 (with RSA 2048 bits).
I don't understand if it's enough for PayPal.

What PayPal said is for webserver which use VeriSign certificate, or i have to add it to certificate root?

My SSL Report on Qualsys SSL Labs is grade A.

**kobra** · 18 Apr 2016, 03:23 PM

You do not have a VeriSign certificate so why are you looking at the requirements for it??

**incircolo** · 18 Apr 2016, 06:22 PM

Yes.
The problem is not related with my SSL certificate, but with server configuration... so which certificate i have is not relevant.

**kobra** · 18 Apr 2016, 11:25 PM

The problem is not related with my SSL certificate, but with server configuration

Sounds like a question that you need to ask your host

**DrByte** · 19 Apr 2016, 02:53 AM

The SSL capability PayPal wants has NOTHING to do with the SSL Certificate that you installed for your customers' benefit (ie: RapidSSL).

It has to do with the Server's internal SSL capability, particularly with its OpenSSL configuration and the server's internal root certificates. Your server administrator will need to fix that. You can point them to the website URLs that PayPal has sent you, and they can sort it out from there.