Require TLS 1.2 or higher

2021-04-10 11:44:38 +02:00 · 2021-04-10 11:44:38 +02:00 · 76de4ad82c
commit 76de4ad82c
parent 58127ef03c
2 changed files with 3 additions and 1 deletions
--- a/README.md
+++ b/README.md
@ -8,7 +8,7 @@ SSH honeypot with web-frontend.

 ## Requirements

-* `go > 1.16`
+* `go >= 1.16`

 Requires a postgres database if you want data to persist through server restart.

--- a/web/server.go
+++ b/web/server.go
@ -2,6 +2,7 @@ package web

 import (
 	"context"
+	"crypto/tls"
 	"encoding/json"
 	"fmt"
 	"io"
@ -59,6 +60,7 @@ func NewServer(cfg config.FrontendConfig, hs *honeypot.HoneypotServer, store sto
 		}

 		tlsConfig := certManager.TLSConfig()
+		tlsConfig.MinVersion = tls.VersionTLS12
 		s.TLSConfig = tlsConfig
 		s.RegisterOnShutdown(func() {
 			timeoutCtx, cancel := context.WithTimeout(context.Background(), 3*time.Second)