Default to TLS 1.2 as minimum version (#62)

* first draft * default server params should setup tls min version * make the default server created secure by default
palantir · Sep 9, 2021 · c1d302b · c1d302b
1 parent 6958848
commit c1d302b
Showing 1 changed file with 6 additions and 1 deletion.
diff --git a/baseapp/server.go b/baseapp/server.go
@@ -16,6 +16,7 @@ package baseapp
 
 import (
 	"context"
+	"crypto/tls"
 	"encoding/json"
 	"fmt"
 	"net/http"
@@ -76,7 +77,11 @@ func NewServer(c HTTPConfig, params ...Param) (*Server, error) {
 	}
 
 	if base.server == nil {
-		base.server = &http.Server{}
+		base.server = &http.Server{
+			TLSConfig: &tls.Config{
+				MinVersion: tls.VersionTLS12,
+			},
+		}
 	}
 
 	if base.server.Addr == "" {