Closed Jerrychengjun closed 5 years ago
Hello @Jerrychengjun ,
Thank you for reaching us with this case!
We have spoken with one of our administrators responsible for servers security, and we can confirm that we do not support the 3DES Cipher Suite. Because of that, we'd like to ask if you could provide us with a broader context of how have you performed such tests. Additionally, we believe that the 3DES may be visible due to the configuration of the web browser on which you have performed tests – we would truly appreciate if you could check that out and provide us with some additional details. Also, we have run the test of our cdn.livechatinc.com server in order to see which Cipher Suites are being used and we can confirm that 3DES is not among them – here's the link to the test result that is not dependent on LiveChat: https://www.ssllabs.com/ssltest/analyze.html?d=cdn.livechatinc.com
Please feel free to let us know once you will have additional questions or details, as we treat the matter of security seriously at LiveChat. We will truly appreciate it!
@Jerrychengjun ,
We have run some additional tests at our side, and we were able to recreate the same scenario like the one that you have presented on the screenshot sent in your initial message. The 3DES Cipher Suite visible on the screenshot is the part of the regular connectivity negotiation (handshake SSL) that takes place when you are trying to reach our servers (like cdn.livechatinc.com) – in that case, your web browser sends to us various Cipher Suites that are available at your side (configured on your system):
Once you send such configuration to our server, cdn.livechatinc.com decides which Cipher Suite to use. However, you should not worry as we do not support 3DES. Because of that, the server will ignore this type of SSL handshake and will not allow establishing the connection via 3DES, choosing a different available Cipher:
@Jerrychengjun , I hope that this description will provide your team with the necessary information on how LiveChat establishes the connectivity between the client and the server and will confirm that we do not support the 3DES. However, if you will have any other questions or concerns, please don't hesitate to ask, as we will do our best to help!
Thank you for your reply. We have confirmed that this is not a problem.
When livechat sdk connect to livechat server,there is a TLS_RSA_WITH_3DES_EDE_CBC_SHA method need to remove from server,It's not safe.