Hi
I’ve recently started using SSL Enforcer, which can prevent any program/browser in Windows from using specific protocols, as part of my work, where we need to keep a minimum level of security.
I’ve set it up to prevent usage of TLS 1.0, TLS 1.1, SSL2 and SSL3, as those protocols are outdated and no longer considered secure.
Your desktop app seems to be using TLS 1.0 (denied by SSL Enforcer) and does not seem able to use at least TLS 1.2 (permitted by SSL Enforcer), in regard to updating Modern Warfare.
It may actually be the game developers servers (I don’t know where the updates are retrieved from), that does not support TLS 1.2, as your app seems to be able to log me in correctly.
I’ve only tried updating Modern Warfare which fails with SSL Enforcer on. I have not tried updating other games yet, as they are already up to date.
I’d suggest you check if your app supports TLS 1.0, TLS 1.1, SSL2 and SSL3, and then remove those protocols from the app, and ensures that it supports TLS 1.2 and any newer protocol, which is considered secure by the “Security World” in general.
If the issue can be traced to the game developers, then I’d recommend you add a requirement in your contracts with the game developers that they adhere to a minimum of encryption, when using your Blizzard-store.
But it seems to be one of your servers, when running the update with lower security on SSL Enforcer:
[12.20 21:10:08] agent.exe - 67.27.154.126:80 bypassed for level3,blizzard,com (HTTPS is not available for this host)