Paypal encrypted button pitfalls

[repost because the original post was lost due to an error from my hosting provider]

I recently had to implement a small online payment system using an encrypted paypal button (‘after hours’). All of this in an existing modx cms installation. Modx is an absolutely handy, powerfull and totally undervalued cms system that doesn’t seem to get the attention it deserves. So there – my free mention.

I used this article and script from a company called Stellar Web Solutions as a starting point for encrypting the button data. (no need to reinvent the wheel)

Now, to keep others from falling into the same pitfalls as I did…

Bad OpenSSL Version

If you get the error:

The email address for the business is not present in the encrypted blob. Please contact your merchant.

Then you probably have OpenSSL version 0.9.8b which has a known issue with pipes, resulting in a cut-off output. This version unfortunately seems to be quite common on shared hosting solutions, who ofcourse are very reluctant to update their ‘working’ installations.

You could either upgrade your OpenSSL version, or refrain from using pipes. When using the Stellar Web script, you can try the fix posted here, which worked for me.

If you are not using the bad OpenSSL version, I’d suggest that at least something is wrong with the encrypted data.

Use the correct certificate

Don’t mix the sandbox with the live certificate, they are different!

Only use 2 decimals for values

I got the following error:

The link you have used to enter the PayPal system contains an incorrectly formatted item amount.

Turned out my calculated price contained too much decimal places for the value. It should have been only 2. When googling this I also found that it might mean you used a comma instead of a point or vice versa.

For such a widespread system, too bad paypal doesn’t give any clearer error messages, or provide more info on what the above errors could mean. I found lots of posts asking about the above, but had to really dig to find some answers.


  1. Hi,

    I know this is an old post, but did you happen to create these encrypted paypal buttons on wordpress pages? If so, do you have any tips on how to convert the script (which I have functioning on an html page outside of WP) to function w/in wordpress? There is a very limited amount of info available on the subject, which I find odd considering WP is probably the most popular platform these days.

    Anyway, nice post. It is definitely important to have ALL the variables set for the right environment (sandbox vs live). I was using the wrong certificate ID and the wrong form action for a while until I figured that out.

  2. Piet

    April 23, 2010 at 9:29 pm

    Hi Kathy,

    I’m afraid it wasn’t on wordpress but on modx. Do you know there are some wordpress paypal plugins?

  3. In dire need of that “here” link ( – It seems to have vanished on Do you recall what the fix was?

Leave a Reply

Your email address will not be published.