• Steven Danna's avatar
    Set minimum TLS protocol version to TLSv1.2, set PreferServerCipherSuites · 59f8b02d
    Steven Danna authored
    Some environments are subject to strict rules about the permitted TLS
    protocol verion and available ciphers. Setting TLSv1.2 as the minimum
    version ensures we do not use weaker protocols. We've opted against
    making this configurable given the age of TLSv1.2 and the increasing
    push to deprecate TLSv1.1 and older.
    
    The PreferServerCipherSuites setting is also commonly flagged by SSL
    quality scanning tools. Since Go provides a relatively modern set of
    default ciphers by default, defaulting this to true is unlikely to
    make much practical difference.
    Signed-off-by: 's avatarSteven Danna <steve@chef.io>
    59f8b02d
Name
Last commit
Last update
Documentation Loading commit data...
api Loading commit data...
cmd Loading commit data...
connector Loading commit data...
examples Loading commit data...
scripts Loading commit data...
server Loading commit data...
storage Loading commit data...
vendor Loading commit data...
version Loading commit data...
web Loading commit data...
.dockerignore Loading commit data...
.gitignore Loading commit data...
.travis.yml Loading commit data...
DCO Loading commit data...
Dockerfile Loading commit data...
LICENSE Loading commit data...
MAINTAINERS Loading commit data...
Makefile Loading commit data...
NOTICE Loading commit data...
README.md Loading commit data...
code-of-conduct.md Loading commit data...
go.mod Loading commit data...
go.sum Loading commit data...
vendor.go Loading commit data...