If you are trying to add credit through the Web Portal and receiving an "Invalid Security Header" error message, it is likely that your Paypal API Certificate has expired and needs to be renewed. This article explains the process for renewing your Paypal API Certificate.
An API Certificate should stay valid for 10 years after its creation date, after which it expires. To prevent an interruption in API services, you must renew your certificate before it expires. The certificate renewal process generates a new certificate that you can install to replace any expiring certificate.
1. Log in to your PayPal account, and navigate to the Manage API Certificate page.
To do so, select My Account > Profile > My Selling Tools, click the Update (API Access) link, then click View
2. On the Manage API Certificate page, check the status of your API Certificate, whether it is Active or About to
3. If the status of your certificate is About to expire, click the Renew certificate button.
An additional certificate is generated and given an Active status. Both the new and old certificates appear in the Manage API Certificate page.
4. On the certificate marked as Active, click Download certificate and follow the steps in Managing Certificate Credentials for details on downloading and using the updated certificate.
After you’ve imported the new API Certificate, test your integration to ensure it works with the new certificate. Distribute your new API Certificate to all affected partners. Once the old certificate expires, remove it by clicking the Remove certificatebutton associated with the certificate.