search

fabiolb / fabio

Consul Load-Balancing made simple
https://fabiolb.net
MIT License
7.25k stars 620 forks source link

[proxy/tls] Update supported TLS versions and cipher suites #858

Closed dcarbone closed 1 year ago

dcarbone commented 2 years ago

The current list of supported TLS versions is as follows:

var tlsver = map[uint16]string{
    tls.VersionSSL30: "ssl30",
    tls.VersionTLS10: "tls10",
    tls.VersionTLS11: "tls11",
    tls.VersionTLS12: "tls12",
}

We should do the following:

  1. Remove tls.VersionSSL30 from the map
  2. Add tls.VersionTLS13 to the map
  3. Add a deprecation warning when tls.VersionTLS10 or tls.VersionTLS11 is selected.