Home / / PayPal Merchant Set-up

PayPal Merchant Set-up

15910 views

Important

  • Compliance Notice: By June 30, 2018, any system that connects to PayPal via HTTPS must support TLS 1.2 or higher. To avoid any disruption of services, ensure your systems are ready.
  • You must have a PayPal Business Account.
  • For live transactions, you must enable SSL / https for your domain.
  • If you use PayPal – use currencies supported by PayPal.
  • For Recurring payments, please remember to add the IPN URL in the Paypal account as instructed below

PayPal Processor Page

  • Create a page using the PayPal Processor template
  • This page is used by the PayPal API to communicate with your site
  • ⚠️ Do not open or share this page’s URL — it’s meant for backend communication

Choose API Mode: SANDBOX or LIVE

  • SANDBOX = for testing (fake payments)

  • LIVE = for real transactions

  • Replace the credentials when switching modes — they are different!

Add the LIVE or the Sandbox API in Paypal settings

How to Get PayPal API Credentials

1.Login at https://developer.paypal.com to create the API

2. Go to Dashboard Menu

(Optional) Create a sandbox business account under: Sandbox > Accounts

Go to My Apps & Credentials

Click Create App

  • Name your app

  • Select your sandbox account email (for testing)

Add webhook with your website PayPal URL

 

Copy the Client ID and Secret

  • Be sure to copy the right pair: SANDBOX or LIVE

Setup for Recurring Payments (with membership mode enabled)

For Testing Recurring Payments:

For Live Payments:

PayPal common errors:

error:14077410:SSL%20routines:SSL23_GET_SERVER_HELLO:sslv3%20alert%20handshake%20failure

Please see this url with a similar issue http://stackoverflow.com/questions/34926940/php-paypal-error-14077410ssl-routinesssl23-get-server-hellosslv3-alert-hands

And the solution:

Support SHA-256. PayPal is upgrading SSL certificates on all Live and Sandbox endpoints from SHA-1 to the stronger and more robust SHA-256 algorithm. You will need to update your integration to support certificates using SHA-256.

Discontinue use of the VeriSign G2 Root Certificate. In accordance with industry standards, PayPal will no longer honor secure connections that require the VeriSign G2 Root Certificate for trust validation. Only secure connection requests that are expecting our certificate/trust chain to be signed by the G5 Root Certificate will result in successful secure connections.

This document has the details to fwd to hosting:

https://www.paypal-knowledge.com/resources/sites/PAYPAL/content/live/FAQ/1000/FAQ1766/en_US/2015%20Merchant%20Security%20System%20Upgrade%20Guide%20%28U.S.%20English%29.pdf

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.