oyd
/
minio
6
1
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Remove unnecessary tlsHelpers, SSL works with domain certificate

Browse Source
master
Harshavardhana 10 years ago
parent 666ed34059
commit a947767339
2 changed files with 0 additions and 25 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 1
      pkg/server/httpserver/httpserver.go
  2. 24
      pkg/server/httpserver/tlshelpers.go

1
pkg/server/httpserver/httpserver.go
Unescape View File

@ -84,7 +84,6 @@ func start(ctrlChannel <-chan string, errorChannel chan<- error,
for _, host := range hosts { for _, host := range hosts {
fmt.Printf("Starting minio server on: https://%s:%s\n", host, port) fmt.Printf("Starting minio server on: https://%s:%s\n", host, port)
} }
httpServer.TLSConfig = getDefaultTLSConfig()
err = httpServer.ListenAndServeTLS(config.CertFile, config.KeyFile) err = httpServer.ListenAndServeTLS(config.CertFile, config.KeyFile)
} }
errorChannel <- err errorChannel <- err

24
pkg/server/httpserver/tlshelpers.go
Unescape View File

@ -1,24 +0,0 @@
package httpserver
import "crypto/tls"
func getDefaultTLSConfig() *tls.Config {
config := tls.Config{}
//Use only modern ciphers
config.CipherSuites = []uint16{
tls.TLS_RSA_WITH_AES_128_CBC_SHA,
tls.TLS_RSA_WITH_AES_256_CBC_SHA,
tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
tls.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
}
//Don't allow session resumption
config.SessionTicketsDisabled = true
config.ClientAuth = tls.RequireAnyClientCert
return &config
}
Write Preview
Loading…
Cancel
Save