TLS 1.2 and HTTP/1.1 Upgrade

PayPal is upgrading the protocols used to secure all external connections made to our systems. Transport Layer Security version 1.2 (TLS 1.2) and Hypertext Transfer Protocol version 1.1 (HTTP/1.1) will become mandatory for communication with PayPal in 2018.

You will need to verify that your environment supports TLS 1.2 and HTTP/1.1, and if necessary make the appropriate updates.

The information below is highly technical and should be reviewed by one of the following:

Your web hosting company

Your ecommerce software provider

Your in-house web programmer/system administrator

In a Nutshell...

Merchants and partners use HTTPS to securely connect with PayPal servers. We use the Transport Layer Security (TLS) protocol to encrypt these communications. To ensure the security of our systems and adhere to industry best practices, PayPal is updating its services to require TLS 1.2 for all HTTPS connections. At this time, PayPal will also require HTTP/1.1 for all connections.

This change is complete as of June 28, 2018.

What do I need to do?

Single Logo

Note:

To avoid having to make versioning changes reactively in the future, we recommend that you code your system to always negotiate using the highest possible version.

If you’re using a downloaded shopping cart to connect to PayPal, please contact your web host or developer to take the appropriate next steps.