none
Verifying TLS Update for Paypal RRS feed

  • Question

  • Just trying to verify some thing for a Paypal error I have been having. I initially missed the TLS update that Paypal started requiring on June 30th, so my site hasn't been able to process payments at all for a while now. After researching the error I found out that I needed to update the TLS and did so here:

    

    Verified through my browser that the TLS version for my site was 1.2 but payments still aren't working. I have been going back and forth with Paypal tech support and they are telling me that either my TLS is still not actually updated or that my .NET Framework is somehow below version 4.5, and my project's target framework is 4.5.2. 

    I know this is isn't a Paypal support forum but I thought I might try approaching this from the Azure side of things to see if anyone knows a reason my TLS might not actually be updated or my .NET Framework might be messed up.

    Wednesday, August 22, 2018 2:56 PM

Answers

  • The setting you have configured above is for the inbound connections to the web app to require a minimum of TLS version 1.2, outbound connections do not adhere to that setting. You'll want to do something like this in your .net code to force it to use TLS 1.2.

    System.Net.ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;

    https://stackoverflow.com/questions/45382254/update-net-web-service-to-use-tls-1-2 

    Wednesday, August 22, 2018 9:38 PM
  • TLS settings in App Service control the inbound requests, sounds like you need to update your outbound setting, detailed here:

    https://blogs.perficient.com/2016/04/28/tsl-1-2-and-net-support/

     

    Oded Dvoskin

    Wednesday, August 22, 2018 9:52 PM
    Moderator

All replies

  • Could you share the complete error message which you are getting to understand your issue better?

    Wednesday, August 22, 2018 8:21 PM
    Moderator
  • The error message I receive when I try to connect to Paypal is "Failed to connect to host Input Server Uri = https://payflowpro.paypal.com/". Paypal has looked at the account and they say that my payments aren't reaching their servers at all. 
    Wednesday, August 22, 2018 8:32 PM
  • The setting you have configured above is for the inbound connections to the web app to require a minimum of TLS version 1.2, outbound connections do not adhere to that setting. You'll want to do something like this in your .net code to force it to use TLS 1.2.

    System.Net.ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;

    https://stackoverflow.com/questions/45382254/update-net-web-service-to-use-tls-1-2 

    Wednesday, August 22, 2018 9:38 PM
  • TLS settings in App Service control the inbound requests, sounds like you need to update your outbound setting, detailed here:

    https://blogs.perficient.com/2016/04/28/tsl-1-2-and-net-support/

     

    Oded Dvoskin

    Wednesday, August 22, 2018 9:52 PM
    Moderator
  • This worked! Thanks so much. Kinda wish the portal would have given some indication that that "Minimum TLS Version" setting only applied to inbound connections. 
    Thursday, August 23, 2018 6:01 PM
  • Feedback is definitely spot on. 

    I've just submitted edits to this section: https://docs.microsoft.com/en-us/azure/app-service/app-service-web-tutorial-custom-ssl#enforce-tls-1112


    Oded Dvoskin

    Thursday, August 23, 2018 6:11 PM
    Moderator
  • Updates are live in the doc. Hopefully this makes the point clearer about TLS impacts in App Service:

    https://docs.microsoft.com/en-us/azure/app-service/app-service-web-tutorial-custom-ssl#enforce-tls-1112


    Oded Dvoskin

    Friday, August 24, 2018 5:48 PM
    Moderator