Merge pull request #647 from harshavardhana/pr_out_remove_unnecessary_tlshelpers_ssl_works_with_domain_certificate
commit
0c5aa7a3d8
@ -1,24 +0,0 @@ |
||||
package httpserver |
||||
|
||||
import "crypto/tls" |
||||
|
||||
func getDefaultTLSConfig() *tls.Config { |
||||
config := tls.Config{} |
||||
|
||||
//Use only modern ciphers
|
||||
config.CipherSuites = []uint16{ |
||||
tls.TLS_RSA_WITH_AES_128_CBC_SHA, |
||||
tls.TLS_RSA_WITH_AES_256_CBC_SHA, |
||||
tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, |
||||
tls.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, |
||||
tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, |
||||
tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, |
||||
tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, |
||||
tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, |
||||
} |
||||
|
||||
//Don't allow session resumption
|
||||
config.SessionTicketsDisabled = true |
||||
config.ClientAuth = tls.RequireAnyClientCert |
||||
return &config |
||||
} |
Loading…
Reference in new issue