a lot of clients is still using tls 1.0

This commit is contained in:
Michał Adamski 2022-03-23 00:16:58 +01:00
parent ee6cf5d6f0
commit d9d8470b3a

24
main.go
View file

@ -72,18 +72,18 @@ func myListener(domains ...string) net.Listener {
NextProtos: []string{ NextProtos: []string{
"http/1.1", "acme-tls/1", "http/1.1", "acme-tls/1",
}, },
MinVersion: tls.VersionTLS12, // MinVersion: tls.VersionTLS12,
CipherSuites: []uint16{ // CipherSuites: []uint16{
tls.TLS_AES_128_GCM_SHA256, // tls.TLS_AES_128_GCM_SHA256,
tls.TLS_AES_256_GCM_SHA384, // tls.TLS_AES_256_GCM_SHA384,
tls.TLS_CHACHA20_POLY1305_SHA256, // tls.TLS_CHACHA20_POLY1305_SHA256,
tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256, // tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, // tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, // tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, // tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, // tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, // tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
}, // },
} }
ln, err := tls.Listen("tcp", ":443", cfg) ln, err := tls.Listen("tcp", ":443", cfg)
if err != nil { if err != nil {