• Steven Danna's avatar
    Set minimum TLS protocol version to TLSv1.2, set PreferServerCipherSuites · 59f8b02d
    Steven Danna authored
    Some environments are subject to strict rules about the permitted TLS
    protocol verion and available ciphers. Setting TLSv1.2 as the minimum
    version ensures we do not use weaker protocols. We've opted against
    making this configurable given the age of TLSv1.2 and the increasing
    push to deprecate TLSv1.1 and older.
    
    The PreferServerCipherSuites setting is also commonly flagged by SSL
    quality scanning tools. Since Go provides a relatively modern set of
    default ciphers by default, defaulting this to true is unlikely to
    make much practical difference.
    Signed-off-by: 's avatarSteven Danna <steve@chef.io>
    59f8b02d
Name
Last commit
Last update
..
dex Loading commit data...
example-app Loading commit data...