PayPal IPN moving to SHA-256 - how to test ?

[SatchmoUser77]

Hello Satchmo users,

We got an e-mail from PayPal saying we need to check our system because we use Instant Payment Notification (IPN).

PayPal is upgrading the certificate for www.paypal.com to SHA-256.

According to the PayPal microsite we need a SHA-256 compliant server setup.

I'm not sure how to verify if we are compliant (shared hosting). According to the  PayPal microsite, we can try the www.sandbox.paypal.com endpoint.

There's no point in testing with the sandbox on a development workstation as we need to verify the production setup. 

So I took a non-busy moment and 

• changed the PayPal Payment Module Settings on the production site and disabled accept real payments. (enabling sandbox payments ?)
  
• Then I made a quick order on our site, did checkout with PayPal, landed on the sandbox, entered a valid PayPal sandbox account, and paid.
  
• The payment failed with: This invoice has already been paid. For more information, please contact the merchant. 
  

I'm not sure if the failure is due to design of Satchmo or the IPN failing due to SHA-256.

I don't see a POST for IPN in the server logs.

A quick look at the PayPal payment module does not show any certificate or hashing settings pre-defined. So I'm not sure how to test (on production) if we're going to have issues with PayPal or not.

Did anyone else solve this already ?

Best regards,

Kurt