Lunarpages Web Hosting Forum

Author Topic: Installing the Paypal IPN 1.x Contribution in Oscommerce with OpenSSL  (Read 7331 times)


  • Guest
  May also want,2679/download,9210 patch.

I. OpenSSL
1. Download and install OpenSSL if it is not already installed. Remember where it is installed. c:\openssl is a good place.

2. Click on Start, Run. Type in “cmd” without the quotes to open the dos prompt.

3. Creating Your Private Key with OpenSSL
Using the openssl program and assuming it is installed in c:\openssl, enter the following command to create your private key. The
command generates a 1024-bit RSA private key. The private key is stored in the file my- prvkey.pem :

c:\openssl\bin\openssl genrsa -out my-prvkey.pem 1024

4. Creating Your Public Certificate Using OpenSSL
To create your certificate, enter the following openssl command, which generates a public
certificate in the file my-pubcert.pem

c:\openssl\bin\openssl req -new -key my-prvkey.pem -x509 -days 365 -out my- pubcert.pem

You will be asked several questions:
Company Name
Unit (Division)
Common Name (Your Name)
Email Address

The two files will be saved in the \bin folder where you ran openssl from. Change the path if you did not install to c:\openssl.

II. Paypal
1. Login to your Paypal account and click on the Profile tab.

2. Click on the link on the right for Encrypted Payment Settings under Selling Preferences.

3. Click on Download to download the Paypal Public Cert. Change the name after download to paypal_cert.pem.

4. Click on Add to upload your public cert – my-pubcert.pem Browse to it (c:\openssl\bin possibly) and then click Add.

5. When you get back to the Website Payment Certificates screen, you will see a Cert ID which you willl need to type in later in OsCommerce.

6. Logout.

III. Oscommerce
1. Unzip the Paypal IPN files.

2. Upload the files under the Oscommerce folder in the right places with FTP.

3. Upload your public cert, private key, and the Paypal public cert to the /admin folder. That folder should be password protected by Web Protect in Cpanel.

4. Enable the Paypal IPN (Credit card Debit card) in the Oscommerce Admin panel.

5. Edit the IPN by clicking on Paypal (Credit card Debit card)   then click on Edit.

6. Most of the fields are self-explanatory. The main ones are:

a. Email address – set to your seller email address on Paypal.

b. Gateway server – if you sign up as a developer at and then create two users in the Sandbox, you can test the IPN in Testing mode with dummy users and transactions before using it. This is for advanced users only. You may go straight to Live Site instead if this is too complicated for you. If you do choose to use the Sandbox, be aware that it uses a different Paypal public cert than the live site. The wrong paypal public cert will generate a 5302 error when testing.

c. Page Style – this can be selected at Paypal under your Profile.

d. Debug E-mail Address – an address to send errors to if using testing mode first. Be sure to delete the address here when done or it will keep sending emails.

e. Enable encrypted payments – set to true.

f. Your private key – the full home path to your private key ie like /home/username/public_html/store/admin/ my-prvkey.pem (change username to your cpanel username)

g. Your public cert – the full home path to your public cert ie like /home/username/public_html/store/admin/my-pubcert.pem

h. Paypals public certificate – the full home path to Paypal's public cert you uploaded ie like /home/username/public_html/store/admin/paypal_cert.pem

i. Your Paypal Public Certificate ID – the ID for the public cert you uploaded to Paypal.

j. Working directory – create a temp folder under your oscommerce folder and enter the full home path here ie like /home/username/public_html/store/temp

k. OpenSSL Location - /usr/bin/openssl

l. Click on Update.

That’s it! Test it Live or through the Paypal Sandbox. Don’t forget to remove the Debug E-Mail Address when done testing.

Notes: This was tested to work on a non-exec enabled server. It will encrypt communications back and forth between Oscommerce and Paypal. If a customer fails to return to your store, the order will still process but their cart will not be emptied. They will need to do it manually. Your cert will expire in 365 days at which time you will need to regenerate it and upload it to paypal. If you change the name, you will need to change it in your ipn settings in the oscommerce admin. You can regenerate it sooner for security.