PayPal and Authorize.Net sent a notice to merchants and storefronts whose websites use their service that action may need to be taken to ensure no interruption in service while the two companies work to upgrade various SSL certificates. Over the course of 2015 and 2016, they will be taking steps towards strengthening their SSL certificates across all of their sites. Strengthening SSL certificates equates to switching from the SHA-1 signature algorithm to the SHA-2 signature which is more secure. The ecommerce payment gateway companies also encourage merchants to ensure the trusted root and intermediate certificates associated with the newly issued SHA-2 certificates, acquired from the CA of the merchant’s choice, are installed within the certificate store on the server end. They also clearly state that if the hardware or software does not support SHA-2 signing algorithm, they will need to upgrade the hardware/software.

This has no bearing in regards to the SSL certificates issued by Sectigo. The articles/notifications are simply describing the change and advising what needs to be done in order to ensure that there is no disruption between the merchant and ecommerce gateway companies.

What to do:

Ensure that all root and intermediate certificates associated with the newly issued SHA-2 certificate are installed within the certificate store on the server end. If the hardware or software does not support SHA-2 signing algorithm, an upgrade will be needed.

Examples of articles available to the public:

https://devblog.paypal.com/paypal-ssl-certificate-changes/

http://community.developer.authorize.net/t5/The-Authorize-Net-Developer-Blog/Production-Certificate-Upgrades-begin-May-27-2015/bc-p/50812#M466