1. 29 Jan, 2019 1 commit
    • Steven Danna's avatar
      Set minimum TLS protocol version to TLSv1.2, set PreferServerCipherSuites · 59f8b02d
      Steven Danna authored
      Some environments are subject to strict rules about the permitted TLS
      protocol verion and available ciphers. Setting TLSv1.2 as the minimum
      version ensures we do not use weaker protocols. We've opted against
      making this configurable given the age of TLSv1.2 and the increasing
      push to deprecate TLSv1.1 and older.
      
      The PreferServerCipherSuites setting is also commonly flagged by SSL
      quality scanning tools. Since Go provides a relatively modern set of
      default ciphers by default, defaulting this to true is unlikely to
      make much practical difference.
      Signed-off-by: 's avatarSteven Danna <steve@chef.io>
      59f8b02d
  2. 24 Jan, 2019 1 commit
  3. 23 Jan, 2019 1 commit
  4. 11 Jan, 2019 5 commits
  5. 09 Jan, 2019 2 commits
  6. 27 Dec, 2018 2 commits
  7. 14 Dec, 2018 1 commit
  8. 13 Dec, 2018 4 commits
  9. 06 Dec, 2018 1 commit
  10. 04 Dec, 2018 3 commits
  11. 03 Dec, 2018 4 commits
  12. 02 Dec, 2018 1 commit
  13. 30 Nov, 2018 1 commit
  14. 29 Nov, 2018 3 commits
  15. 27 Nov, 2018 1 commit
  16. 26 Nov, 2018 5 commits
  17. 23 Nov, 2018 4 commits