cliffvt wrote: Guys

Just checking that CB is ready to work with TLS protocol as PayPal is discontinuing SSLv3 support on December 3 2014 - sorry if this is already answered, I copuld not find anything to suggest it has.

Cheers

Cliff

Indeed, nothing special needs to be done, as both CBSubs 3.0.0 GPL and 4.0.0-rc1 support TLSv1 in addition of SSLv3.

I reviewed the CBSubs https-client code and Nick (thanks!) just re-tested with Paypal sandbox (which has SSLv3 switched off) and both IPNs and PDT notifications work just fine.

As a side-note, unrelated: You should still make sure with your hoster that your server:

1. is maintained up-to-date with security updates of the Linux distribution they use, as both openssl and curl (those are used by CBSubs for https requests, you can see which in the CBSubs Global Configuration window) got security-updates in the last months.

2. If using HTTPS, got SSLv3 protocol disabled. You can check the https quality of your server using this free service: www.ssllabs.com/ssltest/