SSL/TLS specification of the webhook source

When a bot server gets webhook events sent from the LINE Platform, it must use HTTPS communication. Use an SSL/TLS certificate issued by a public certification authority for HTTPS communication. You can purchase an SSL certificate, or you can use a free certificate, such as Let's Encrypt.

Bot servers that receive webhooks must support HTTPS communication based on the following specifications:

Supported cipher suites

Cipher suites with Deprecated status are maintained for compatibility, but may be discontinued without notice in the near future. Also, supported SSL/TLS protocol versions and HTTP versions vary by cipher suite.

The table can be scrolled left or right

Scroll the table to the right to see the status of each cipher suite, the supported SSL/TLS protocol version, and the supported HTTP version.

IANAOpenSSLHex codeStatusSupported SSL/TLS protocol versionsSupported HTTP versions
TLS_AES_256_GCM_SHA384TLS_AES_256_GCM_SHA3840x13, 0x02TLS 1.3
  • HTTP/1.0
  • HTTP/1.1
  • HTTP/2
TLS_CHACHA20_POLY1305_SHA256TLS_CHACHA20_POLY1305_SHA2560x13, 0x03TLS 1.3
  • HTTP/1.0
  • HTTP/1.1
  • HTTP/2
TLS_AES_128_GCM_SHA256TLS_AES_128_GCM_SHA2560x13, 0x01TLS 1.3
  • HTTP/1.0
  • HTTP/1.1
  • HTTP/2
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256ECDHE-ECDSA-AES128-GCM-SHA2560xc0, 0x2bTLS 1.2
  • HTTP/1.0
  • HTTP/1.1
  • HTTP/2
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256ECDHE-RSA-AES128-GCM-SHA2560xc0,0x2fTLS 1.2
  • HTTP/1.0
  • HTTP/1.1
  • HTTP/2
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384ECDHE-ECDSA-AES256-GCM-SHA3840xc0, 0x2cTLS 1.2
  • HTTP/1.0
  • HTTP/1.1
  • HTTP/2
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384ECDHE-RSA-AES256-GCM-SHA3840xc0, 0x30TLS 1.2
  • HTTP/1.0
  • HTTP/1.1
  • HTTP/2
TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256ECDHE-ECDSA-CHACHA20-POLY13050xcc, 0xa9TLS 1.2
  • HTTP/1.0
  • HTTP/1.1
  • HTTP/2
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256ECDHE-RSA-CHACHA20-POLY13050xcc, 0xa8TLS 1.2
  • HTTP/1.0
  • HTTP/1.1
  • HTTP/2
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHAECDHE-RSA-AES128-SHA0xc0, 0x13DeprecatedTLS 1.2
  • HTTP/1.0
  • HTTP/1.1
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHAECDHE-RSA-AES256-SHA0xc0, 0x14DeprecatedTLS 1.2
  • HTTP/1.0
  • HTTP/1.1
TLS_RSA_WITH_AES_128_GCM_SHA256AES128-GCM-SHA2560x00, 0x9cDeprecatedTLS 1.2
  • HTTP/1.0
  • HTTP/1.1
TLS_RSA_WITH_AES_128_CBC_SHAAES128-SHA0x00, 0x2fDeprecatedTLS 1.2
  • HTTP/1.0
  • HTTP/1.1
TLS_RSA_WITH_AES_256_CBC_SHAAES256-SHA0x00, 0x35DeprecatedTLS 1.2
  • HTTP/1.0
  • HTTP/1.1

Supported SSL/TLS protocol versions

Supported protocol versions vary by cipher suite. For more information, see the "Supported SSL/TLS protocol versions" column under Supported cipher suites.

Protocol versionSupported
TLS 1.3
TLS 1.2
TLS 1.1 or lower

Supported HTTP versions

Supported HTTP versions vary by cipher suite. For more information, see the "Supported HTTP versions" column under Supported cipher suites.

HTTP versionSupported
HTTP/2
HTTP/1.1
HTTP/1.0