diff options
author | Julien Pivotto <roidelapluie@inuits.eu> | 2020-04-25 15:51:32 +0200 |
---|---|---|
committer | Johannes 'fish' Ziemke <github@freigeist.org> | 2020-04-28 00:33:08 +0200 |
commit | 0ef1d4dc1596d1b5a7ec468ab9cef03fec277132 (patch) | |
tree | c717b5bcb3193b96606474ff47c089be38dbe579 | |
parent | 091bed01b084d8972a8d11a8a1325ce12646660a (diff) | |
download | prometheus_node_collector-0ef1d4dc1596d1b5a7ec468ab9cef03fec277132.tar.bz2 prometheus_node_collector-0ef1d4dc1596d1b5a7ec468ab9cef03fec277132.tar.xz prometheus_node_collector-0ef1d4dc1596d1b5a7ec468ab9cef03fec277132.zip |
TLS: only support TLS 1.2
TLS 1.0 and 1.1 are deprecated by major vendors (e.g. browsers).
Signed-off-by: Julien Pivotto <roidelapluie@inuits.eu>
-rw-r--r-- | https/tls_config.go | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/https/tls_config.go b/https/tls_config.go index 7d381b8..4b29862 100644 --- a/https/tls_config.go +++ b/https/tls_config.go | |||
@@ -50,7 +50,9 @@ func getTLSConfig(configPath string) (*tls.Config, error) { | |||
50 | 50 | ||
51 | // ConfigToTLSConfig generates the golang tls.Config from the TLSStruct config. | 51 | // ConfigToTLSConfig generates the golang tls.Config from the TLSStruct config. |
52 | func ConfigToTLSConfig(c *TLSStruct) (*tls.Config, error) { | 52 | func ConfigToTLSConfig(c *TLSStruct) (*tls.Config, error) { |
53 | cfg := &tls.Config{} | 53 | cfg := &tls.Config{ |
54 | MinVersion: tls.VersionTLS12, | ||
55 | } | ||
54 | if len(c.TLSCertPath) == 0 { | 56 | if len(c.TLSCertPath) == 0 { |
55 | return nil, errors.New("missing TLSCertPath") | 57 | return nil, errors.New("missing TLSCertPath") |
56 | } | 58 | } |