Set TLS 1.0 as minimum SSL/TLS version, i.e. disallow SSL 3.0.

This commit is contained in:
Solderpunk 2019-06-05 13:32:42 -04:00
parent d80b6676dd
commit c2f90b0006
1 changed files with 5 additions and 1 deletions

View File

@ -2,6 +2,7 @@ package main
import (
"context"
"crypto/tls"
"flag"
"fmt"
"log"
@ -45,8 +46,11 @@ func main() {
errs <- http_server.ListenAndServe()
}()
tlscfg := &tls.Config{
MinVersion: tls.VersionTLS10,
}
// Start the HTTPS server which actually handles most traffic.
https_server := &http.Server{Addr: ":"+strconv.Itoa(config.HttpsPort), Handler: nil}
https_server := &http.Server{Addr: ":"+strconv.Itoa(config.HttpsPort), Handler: nil, TLSConfig: tlscfg}
go func() {
errs <- https_server.ListenAndServeTLS(config.CertPath, config.KeyPath)
}()