Skip to main content
Published: December 15 2014, 1:23:00 PMUpdated: November 28 2020, 8:00:11 PM

Should I use HTTPS?


   eBay strongly encourages the use of HTTPS or HyperText Transfer Protocol with Secure Sockets Layer for Open eBay Apps applications since eBay passes user token information even though the token information itself is encrypted. 

  You need to make sure that both EndPoint.Management and URL-type gadget defined in  Deployment Descriptor as below use HTTPS:

<Link rel="EndPoint.Management" href="https://url/IntegrationManagement" />

<Content type="url" view="canvas" href="https://url/myentrypointURLhere" preferred_height="800" />

  HTTPS Best Practices:  

- Use an industry standard certificate authority (i.e. Verisign). Self-signed certificates are not allowed.

- Use TLS 1.0 or better.
SSL 3.0 is no longer supported as documented in this KB: eBay is disabling support for SSL 3.0.

Additional Resources


How well did this answer your question?
Answers others found helpful