This repository has been archived on 2023-08-14. You can view files and clone it, but cannot push or open issues or pull requests.
dex/cmd/dex
Steven Danna 59f8b02d47
Set minimum TLS protocol version to TLSv1.2, set PreferServerCipherSuites
Some environments are subject to strict rules about the permitted TLS
protocol verion and available ciphers. Setting TLSv1.2 as the minimum
version ensures we do not use weaker protocols. We've opted against
making this configurable given the age of TLSv1.2 and the increasing
push to deprecate TLSv1.1 and older.

The PreferServerCipherSuites setting is also commonly flagged by SSL
quality scanning tools. Since Go provides a relatively modern set of
default ciphers by default, defaulting this to true is unlikely to
make much practical difference.

Signed-off-by: Steven Danna <steve@chef.io>
2019-01-29 11:18:55 +00:00
..
config_test.go Change config test to non-default expiry settings 2018-12-13 14:47:51 +01:00
config.go Make expiry of auth requests configurable 2018-12-13 11:50:34 +01:00
main.go cmd/dex: rename file 2016-10-03 12:56:09 -07:00
serve.go Set minimum TLS protocol version to TLSv1.2, set PreferServerCipherSuites 2019-01-29 11:18:55 +00:00
version.go *: github.com/coreos/dex -> github.com/dexidp/dex 2018-09-05 17:57:08 +02:00