Should I do anything? - PayPal service upgrade - IPN is changing to SHA-256

I have the membership plugin installed on a client website. I've receive notification from PayPal that they are changing the Instant Payment Notification (IPN) product by upgrading their certificate to SHA-256.

(( I tried to select Membership Pro from the list of plugins, but the form is not pulling the plugins that I have installed for some reason. ))

Is there anything I have to do on my end for my client, so she does not have a gap in service?


  • Patrick
    • Support Monkey

    Hi there @mediastead

    I hope you're well today!

    Given the types of changes that PayPal has made (or will make) and how our products integrate with it, there's nothing special that needs to be done on your WordPress site.

    However, your site may need an updated SSL cert or your server might need updating if it's not sha-256 compatible. For that, you may need to check this with your host.

    For example, if your host updated their SSL software towards the end of last year due to the WP heartbleed exploit that was rampant, you should be fine (but I'd check with them anyway).

  • Jude
    • DEV MAN

    Hey @mediastead

    Our plugins should be fine, the only issue you will have is if your server doesn't support it, so that's a question you should ask your webhost

    To quote PayPal: "Any tests that are currently run against PayPal Sandbox endpoints will require a VeriSign G5 root certificate, so you can test your upgrades by making requests against the Sandbox"

    You can quickly test if it will work by making a PayPal Sandbox payment. If you don’t see an error like "No trusted certificate found“ then it should work


Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.