Just checking in with you guys as this email first got me a bit uncertain about what to do. But came to the conclusion that all systems sending me money like Bandcamp or Audiojungle should already be working on this.
I got this email too, and would like to make sure that Envato’s payments won’t be disrupted.
What email?
Hi friends, what we should know about this?
There seem to be quite a some confusion as a result of the email by PayPal.
What they basically means is that PayPal IPN will only work with websites with SSL Certificates that are using 2048-bit and also SHA-256.
2048-bit should now be standardized for all SSL Certificates so it shouldn’t be a problem.
SHA-256 is something that you need to take note of as your SSL Certificate may still be running the older SHA-1 cryptographic hash algorithm.
You can check if your SSL Certificate is using SHA-1 or SHA-256 at this website: https://shaaaaaaaaaaaaa.com/
If you are still using SHA-1, you will need to contact your SSL Certificate issuer (not your hosting provider) to reissue the SSL Certificate into SHA-256 and install it in your server to replace the SHA-1 SSL Certificate.