Upgrade to SHA-2

[andyplak]

Notice from RealEx:

End of Support for SHA-1

Security certificates are digitally signed with an encrypted hash to ensure that they have not been tampered with. Currently, we support both the SHA-1 and SHA-2 cryptographic hash functions.

Weaknesses have been identified with SHA-1 that render it incompatible with security best practice. For this reason, we are discontinuing support for SHA-1; following our upgrade, we will be supporting SHA-256 only.

When will the upgrades take place?

The upgrades will be applied to Realex Payments' services as per the following schedule:

Test Environment:14th July Hosted Services: 11th August API: 6th October

[andyplak]

Required Action

We require you to check your systems to identify if you are targeting the following URLs: remote.payandshop.com (193.105.253.14) remote.sandbox.payandshop.com (193.105.253.166)

If you are targeting the above URLs, you must update to ensure your system can securely connect and process transactions against the below URLs: epage.payandshop.com (193.105.253.11) epage.sandbox.payandshop.com (193.105.253.147)

This must be completed in advance of 1st November 2016.

Please note - as we will only be supporting SHA-2, if you are still targeting the identified URLs, you will NOT be able to process after this date.

[andyplak]

This refers specifically to the SSL Certificates on the host machines. RealEx have confirmed they still use SHA-1 for the hash built into the xml requests.