Set TLS 1.0 as minimum SSL/TLS version, i.e. disallow SSL 3.0.
This commit is contained in:
parent
d80b6676dd
commit
c2f90b0006
6
main.go
6
main.go
|
@ -2,6 +2,7 @@ package main
|
|||
|
||||
import (
|
||||
"context"
|
||||
"crypto/tls"
|
||||
"flag"
|
||||
"fmt"
|
||||
"log"
|
||||
|
@ -45,8 +46,11 @@ func main() {
|
|||
errs <- http_server.ListenAndServe()
|
||||
}()
|
||||
|
||||
tlscfg := &tls.Config{
|
||||
MinVersion: tls.VersionTLS10,
|
||||
}
|
||||
// Start the HTTPS server which actually handles most traffic.
|
||||
https_server := &http.Server{Addr: ":"+strconv.Itoa(config.HttpsPort), Handler: nil}
|
||||
https_server := &http.Server{Addr: ":"+strconv.Itoa(config.HttpsPort), Handler: nil, TLSConfig: tlscfg}
|
||||
go func() {
|
||||
errs <- https_server.ListenAndServeTLS(config.CertPath, config.KeyPath)
|
||||
}()
|
||||
|
|
Loading…
Reference in New Issue