http: opt-in to TLS 1.3 (#7483)

This commit enables TLS 1.3 on the server. For Go 1.12 TLS 1.3 is
enabled by an explicit opt-in.

cmd/http/server.go

@@ -20,6 +20,7 @@ import (
 	"crypto/tls"
 	"errors"
 	"net/http"
+	"os"
 	"sync"
 	"sync/atomic"
 	"time"
@@ -31,6 +32,13 @@ import (
 	"github.com/minio/minio/pkg/certs"
 )
 
+func init() {
+	// Opt-in to TLS 1.3. See: https://golang.org/pkg/crypto/tls
+	// In future Go versions TLS 1.3 probably gets enabled by default.
+	// So, we can remove this line as soon as this is the case.
+	os.Setenv("GODEBUG", os.Getenv("GODEBUG")+",tls13=1")
+}
+
 const (
 	serverShutdownPoll = 500 * time.Millisecond