From 557fd9ea187b1279b43ff63b94fedf2320aa3351 Mon Sep 17 00:00:00 2001
From: Daniel Schalla <daniel@schalla.me>
Date: Tue, 16 Oct 2018 16:51:46 +0200
Subject: Set default ciphers, set tls 1.2 via config, set curve prefs (#9315)

Config Checks at StartUp Part1

Config Checks; Tests for TLS Server

HSTS header implementation + tests

make gofmt happy with new go version...

make gofmt happy with new go version #2...

fix logic bug

fix typo

Fix unnecessary code block
---
 config/default.json | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'config')

diff --git a/config/default.json b/config/default.json
index b303365b5..14f8248ff 100644
--- a/config/default.json
+++ b/config/default.json
@@ -7,6 +7,10 @@
         "ConnectionSecurity": "",
         "TLSCertFile": "",
         "TLSKeyFile": "",
+        "TLSMinVer": "1.2",
+        "TLSStrictTransport": false,
+        "TLSStrictTransportMaxAge": 63072000,
+        "TLSOverwriteCiphers": [],
         "UseLetsEncrypt": false,
         "LetsEncryptCertificateCacheFile": "./config/letsencrypt.cache",
         "Forward80To443": false,
-- 
cgit v1.2.3-1-g7c22