Merge pull request #41 from Roasbeef/relax-tls

aperture: relax TLS requirements
2025-12-31 16:04:23 +01:00 · 2020-09-01 08:28:57 +02:00
parent 6c57ebe08f d6438114d4
commit 015e75072b
1 changed files with 3 additions and 2 deletions
--- a/aperture.go
+++ b/aperture.go
@@ -63,6 +63,7 @@ var (
 		tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
 		tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
 		tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
+		tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
 	}
 )

@@ -323,7 +324,7 @@ func getTLSConfig(serverName string, autoCert bool) (*tls.Config, error) {
 		return &tls.Config{
 			GetCertificate: manager.GetCertificate,
 			CipherSuites:   http2TLSCipherSuites,
-			MinVersion:     tls.VersionTLS12,
+			MinVersion:     tls.VersionTLS10,
 		}, nil
 	}

@@ -399,7 +400,7 @@ func getTLSConfig(serverName string, autoCert bool) (*tls.Config, error) {
 	return &tls.Config{
 		Certificates: []tls.Certificate{certData},
 		CipherSuites: http2TLSCipherSuites,
-		MinVersion:   tls.VersionTLS12,
+		MinVersion:   tls.VersionTLS10,
 	}, nil
 }