Security header is not valid

Getting #10002 error, have my SSL installed, Paypal Pro APIs all installed… not working (sorry i’m not too web savy and could use some walking through this)

tried to search the forum, but looks like you need some log info from me first to help. thanks for your prompt response.

Rob

Hi Rob.

That error seems to be because of the PayPal email address.

Make sure you confirmed the email address in your PayPal account. https://www.paypal.com/us/webapps/helpcenter/article/?solutionId=12757&m=SRE

Did you entere the correct PayPal email address in s2Member? [hilite path]Dashboard -› s2Member® -› PayPal® Options -› Account Details[/hilite]

If you tried using the SandBox, make sure you didn’t mix the live and sandbox credentials. [hilite path]Dashboard -› s2Member® -› PayPal® Options -› Account Details[/hilite]

Let me know if that helps.

the paypal email address is correct, as is the api user name, api password and api signature. i had no issues getting that stuff from paypal from the start.

also, my ssl is from godaddy and it’s active on the website.

yesterday I upgraded my paypal pro account to include recurring billing (not using payflow, they were able to add the recurring billing onto my current account)

I had set everyting up in s2member pro prior to this change, do you think the upgrade changed all my api info? do I have to re-enter it?

thanks so much for the prompt reply. love your plugin so far, just need to start making some cash with it :-)

Rob

http://theweeklysticky.com/

Thanks for the kudos. :)

I had set everyting up in s2member pro prior to this change, do you think the upgrade changed all my api info? do I have to re-enter it?

I’m pretty sure that enabling DPRP would not change the credentials.

See in this article the different reasons why you may be getting that error code: http://web.archive.org/web/20121010191954/https://cms.paypal.com/us/cgi-bin/?cmd=_render-content&content_ID=developer/e_howto_api_nvp_errorcodes

For example, is your account verified? https://www.paypal.com/us/webapps/helpcenter/article/?solutionId=10568&m=SRE

doesn’t make sense, been using my papal pro account successfully for 4 years now with prostores (accepting paypal and all major credit cards)

in S2Member under ‘Your PayPal® API Signature” i was able to get the API username and password from the Download or Remove API Certificate section in my paypal profile.

after the user name and password there’s a link to ‘download’ a certificate. A notepad popped up with the two long code sections titled BEGIN RSA PRIVATE KEY and BEGIN CERTIFICATE,

do i paste both codes into your API signature on s2member?

or just the private key code or certificate code?

which do I use, or is the API signature something entirely different?

maybe this is where I’m going wrong. thanks for your patience.

Rob

and yes, the account has been verified.

think I found the problem… I may have to remove my existing paypal API certificate to get an API signature for your site. problem is my other shopping cart in prostores needs that certificate… :-(

Ah, yes, that’d be a problem. s2Member uses the API Signature, not certificate. [hilite path]Dashboard -› s2Member® -› PayPal® Options -› Account Details -> API Signature[/hilite]

PayPal lets you have a signature and certificate, but you can only use one. https://www.x.com/developers/paypal/documentation-tools/express-checkout/integration-guide/ECAPICredentials

Important: Although you can have both a signature and certificate, you cannot use both at the same time.

Why don’t you contact PayPal to see what solution they suggest for that?

I’ve already got Paypal Pro account, so I could possible just get rid of the prostores ecommerce part (and save money) and just add paypal ‘add to cart’ and ‘buy now buttons’ to my product landing pages so i can continue offering the few products i have.. just have to figure out how all that works, shipping etc.

right now the most important thing is getting the membership stuff up and running. I’ll close out the certificate and open a new signature and copy it to s2member. if that doesn’t work, i’ll check back here again.

i’ll be a web master before this is all done, lol

Thanks for the help, it’s much appreciated :-)

Rob

Just to update:

Closed out my old certificate at Paypal and got a new API Signature. Everything’s working now!

Thanks for the help!

Rob

That’s excellent, Rob! Thanks for the update. I’m very glad you sorted it out. :)