Magento Paypal payments may break after June 17th
Paypal announced they will activate a new security policy on June 17th. Shops that use old SSL software will not be able to process Paypal payments after June 17th.
Update: the policy has been postponed to October 1st, 2016
@gwillem Thanks for tracking. Got some PP updates. No disruption in services on 6/17. Merchants must update to SHA-256 cert by latest 9/30.— Paul Boisvert (@ProductPaul) June 16, 2016
1 out of 5 incompatible
As of June 15th, there are 194.000 global Magento shops that use SSL. About 20% have old, incompatible SSL certificates. Scan by Magereport.
Md5 and sha1 are absolutely outdated technologies, which are rightfully outlawed by Paypal.
Interestingly, there are also 61.000 shops who do not use SSL at all.
Who is not affected?
You are probably safe if your shop uses a major Payment Service Provider (such as Adyen), in which case your shop does not talk directly with Paypal.
How to fix?
Blatant self promotion :) Move your shop to a competent Magento hosting company who resolves these things so you don’t have to worry about it.
If you are stuck with a regular hosting company (or manage it yourself), see the excellent instructions by Anna Volkl.