Add support for RSA certificates, remove deprecated tls options
All checks were successful
continuous-integration/drone/push Build is passing
All checks were successful
continuous-integration/drone/push Build is passing
This commit is contained in:
parent
7943793fbf
commit
1531c52ae9
|
|
@ -878,9 +878,7 @@ func main() {
|
|||
tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
|
||||
tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
|
||||
},
|
||||
PreferServerCipherSuites: false,
|
||||
SessionTicketsDisabled: false,
|
||||
Renegotiation: tls.RenegotiateFreelyAsClient,
|
||||
SessionTicketsDisabled: false,
|
||||
NextProtos: []string{
|
||||
"http/1.1",
|
||||
},
|
||||
|
|
@ -892,6 +890,14 @@ func main() {
|
|||
},
|
||||
}
|
||||
|
||||
if serverCertificate.Leaf.PublicKeyAlgorithm == x509.RSA || bogusCertificate.Leaf.PublicKeyAlgorithm == x509.RSA {
|
||||
tlsConfig.CipherSuites = append(tlsConfig.CipherSuites, []uint16{
|
||||
tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
|
||||
tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
|
||||
tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
|
||||
}...)
|
||||
}
|
||||
|
||||
if *http2Option {
|
||||
tlsConfig.NextProtos = []string{
|
||||
"h2",
|
||||
|
|
|
|||
Loading…
Reference in a new issue