Chapter 8. Encrypting Buttons

EzPPb uses AJAX to submit the button forms to PayPal, which makes it a bit more difficult to tamper with the HTML but is not 100% secure. It is therefore recommended that you enable button encryption, so that people cannot change the HTML in ways that would result in incorrect payments, information, etc. Please read https://cms.paypal.com/us/cgi-bin/?cmd=_render-content&content_ID=developer/e_howto_html_encryptedwebpayments for more information about encrypting PayPal buttons before following these instructions.

Generating Your Private Key and Public Certificate

You will need OpenSSL to do this (see https://www.openssl.org/). If you do not have SSH access to your server or an easily accessible Linux box, you may not be able to do this.

Use the following OpenSSL command to generate your private key: openssl genrsa -out my-prvkey.pem 1024
You will then need to generate your public certificate by using the following command: openssl req -new -key my-prvkey.pem -x509 -days 365 -out my-pubcert.pem
Move these two files to a location accessible by your web server. It is highly recommended that this is outside of your public_html folder.
Log in to PayPal and browse to your Profile. Under Selling Preferences, click on the Encrypted Payment Settings link. Click the Add button to upload your public certificate (not your private key!).
Under the PayPal Public Certificate section, click the Download button. This will download PayPal's public certificate, which the encryption process requires so that PayPal can decrypt the encrypted information. Copy this to a secure location outside of your public_html folder (with your public certificate and private key) and rename it to paypal_cert.pem.
Before leaving this page, take note of the Cert ID of the public certificate you just uploaded. This will be needed when configuring EzPPb.
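
The steps above can be checked before anything is uploaded. The script below is an added example, not part of EzPPb or PayPal's documentation: it generates the key pair non-interactively with owner-only permissions, then confirms that the files sit outside the web root, that the certificate belongs to the private key, and that the file to upload contains no private key. The function names, the certificate subject and the directory arguments are assumptions.

```shell
#!/bin/sh
# Added example, not EzPPb code. Paths and the certificate subject are assumptions.

# Resolve a directory to its physical path (symlinks followed).
real_dir() { (cd "$1" 2>/dev/null && pwd -P); }

# Succeeds only if directory $1 is NOT the web root $2 or anything below it.
outside_webroot() {
    d=$(real_dir "$1") || return 2
    w=$(real_dir "$2") || return 2
    case "$d/" in
        "$w"/*) return 1 ;;
        *)      return 0 ;;
    esac
}

# Create my-prvkey.pem and my-pubcert.pem in directory $1, owner-readable only.
# $2 is the key size in bits (default: the 1024 used in the steps above).
make_keypair() {
    ( umask 077
      cd "$1" || exit 1
      openssl genrsa -out my-prvkey.pem "${2:-1024}" 2>/dev/null &&
      openssl req -new -key my-prvkey.pem -x509 -days 365 \
          -subj "/CN=merchant.example" -out my-pubcert.pem )
}

# Succeeds only if certificate $2 carries the public key of private key $1.
pair_matches() {
    k=$(openssl pkey -in "$1" -pubout 2>/dev/null) || return 2
    c=$(openssl x509 -in "$2" -noout -pubkey 2>/dev/null) || return 2
    [ "$k" = "$c" ]
}

# Succeeds only if file $1 is a certificate that contains no private key,
# i.e. it is the file to upload to PayPal.
safe_to_upload() {
    grep -q -- '-----BEGIN CERTIFICATE-----' "$1" || return 1
    ! grep -q -- 'PRIVATE KEY-----' "$1"
}

# Run every check for key directory $1 against web root $2.
preflight() {
    outside_webroot "$1" "$2" || { echo "keys are inside the web root"; return 1; }
    pair_matches "$1/my-prvkey.pem" "$1/my-pubcert.pem" ||
        { echo "certificate does not match private key"; return 1; }
    safe_to_upload "$1/my-pubcert.pem" || { echo "not a bare certificate"; return 1; }
    echo "ok"
}
```

After sourcing the file, call make_keypair with the key directory, then preflight with the key directory and the path to public_html; it prints ok only when all three checks pass.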