evie/caddy
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Enable TLS 1.0/1.1

Browse source
This commit is contained in:
Evie Viau-Chow-Stuart 2025-12-04 23:25:35 -08:00
parent 551f793700
commit b9ecf19980
Signed by: evie
GPG key ID: 928652CDFCEC8099
2 changed files with 4 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
modules/caddytls/connpolicy.go
View file

@ -139,7 +139,7 @@ func (cp ConnectionPolicies) TLSConfig(ctx caddy.Context) *tls.Config {
} }
tlsCfg := &tls.Config{ tlsCfg := &tls.Config{
MinVersion: tls.VersionTLS12, MinVersion: tls.VersionTLS10,
GetConfigForClient: getConfigForClient, GetConfigForClient: getConfigForClient,
} }

5
modules/caddytls/values.go
View file

@ -117,7 +117,10 @@ var defaultCurves = []tls.CurveID{
} }
// SupportedProtocols is a map of supported protocols. // SupportedProtocols is a map of supported protocols.
// Note that HTTP/2 only supports TLS 1.2 and higher.
var SupportedProtocols = map[string]uint16{ var SupportedProtocols = map[string]uint16{
"tls1.0": tls.VersionTLS10,
"tls1.1": tls.VersionTLS11,
"tls1.2": tls.VersionTLS12, "tls1.2": tls.VersionTLS12,
"tls1.3": tls.VersionTLS13, "tls1.3": tls.VersionTLS13,
} }
@ -127,8 +130,6 @@ var SupportedProtocols = map[string]uint16{
var unsupportedProtocols = map[string]uint16{ var unsupportedProtocols = map[string]uint16{
//nolint:staticcheck //nolint:staticcheck
"ssl3.0": tls.VersionSSL30, "ssl3.0": tls.VersionSSL30,
"tls1.0": tls.VersionTLS10,
"tls1.1": tls.VersionTLS11,
} }
// publicKeyAlgorithms is the map of supported public key algorithms. // publicKeyAlgorithms is the map of supported public key algorithms.