Appendix: Moving your Application to Signature Version 2

Amazon deprecated Signature version 1 on November 3rd, 2009, and as of 10 February, 2011. You must migrate your applications that use signature version 1 to signature version 2. This section details how to migrate to signature version 2 for inbound requests and outbound responses.

Amazon provides code samples to assist you in migrating your signature version 1 code to signature version 2. The samples are packaged in five programming languages (C#, Java, Perl, PHP, and Ruby), they are available from the Amazon Web Services developer community, under the Amazon Flexible Payments Service category.

The following sections describe the high-level process for migrating your signature version 1 signing code.

For information on using Amazon Simple Pay sample code, see Appendix: Sample Code

Migrating Outbound Notifications to Signature Version 2

If you are currently validating return URL and IPN notifications using signature version 1:

Adjust the way you build the signature to comply with signature version 2. For more information, see How to Generate a Signature and Differences Between Signing Versions.

• Enable signature version 2 in your account settings. For more information, see Configuring Default Button Values.

• Replace your core validation code with a call to the FPS action, VerifySignature.

	Important
	The original implementation of signature version 2 supported client-side signature validation using PKI. Client-side signature validation was deprecated on November 3rd, 2009, and as of 10 February, 2011 it is no longer supported. If you have been using client-side signature validation, you must switch to server-side validation using the FPS action VerifySignature.