Just checking in with you guys as this email first got me a bit uncertain about what to do. But came to the conclusion that all systems sending me money like Bandcamp or Audiojungle should already be working on this.
I got this email too, and would like to make sure that Envato’s payments won’t be disrupted.
Hi friends, what we should know about this?
There seem to be quite a some confusion as a result of the email by PayPal.
What they basically means is that PayPal IPN will only work with websites with SSL Certificates that are using 2048-bit and also SHA-256.
2048-bit should now be standardized for all SSL Certificates so it shouldn’t be a problem.
SHA-256 is something that you need to take note of as your SSL Certificate may still be running the older SHA-1 cryptographic hash algorithm.
You can check if your SSL Certificate is using SHA-1 or SHA-256 at this website: https://shaaaaaaaaaaaaa.com/
If you are still using SHA-1, you will need to contact your SSL Certificate issuer (not your hosting provider) to reissue the SSL Certificate into SHA-256 and install it in your server to replace the SHA-1 SSL Certificate.