UPS Web Service Security Updates

Posted by: Genevieve Tuesday, August 11th, 2015

UPS has announced they are moving to more updated security protocols on their web services. They will be moving from VeriSign SHA-1 to VeriSign SHA-2 256 certificate as SHA-2 256 provides a more secure digital authentication for UPS customers.

The changes will not require you to apply any patches to core Magento code or any WebShopApps shipping extensions. You may have to make configuration changes to your hosting environments, or ask your hosting provider to verify if changes are required.

  • UPS Customer Integration Environment will support SHA-2 256 URL from August 11th 2015
  • As yet, UPS have not released an official date when their live URLs will no longer support SHA-1
  • You can determine which protocol the certificate on your site is using at
  • If your certificate is SHA-1 you will need to update this on your site.
These changes could affect anyone using the standard UPS carrier in Magento, WebShopApps Dimensional Shipping, UPS Calendar extension, Delivery Options for UPS extension, UPS Freight and our Address Validation extension.


Leave a Reply