diff options
Diffstat (limited to 'cmd/web_letsencrypt.go')
| -rw-r--r-- | cmd/web_letsencrypt.go | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/cmd/web_letsencrypt.go b/cmd/web_letsencrypt.go index 096db36b24..066208457b 100644 --- a/cmd/web_letsencrypt.go +++ b/cmd/web_letsencrypt.go @@ -55,6 +55,23 @@ func runLetsEncrypt(listenAddr, domain, directory, email string, m http.Handler) tlsConfig := magic.TLSConfig() tlsConfig.NextProtos = append(tlsConfig.NextProtos, "h2") + if version := toTLSVersion(setting.SSLMinimumVersion); version != 0 { + tlsConfig.MinVersion = version + } + if version := toTLSVersion(setting.SSLMaximumVersion); version != 0 { + tlsConfig.MaxVersion = version + } + + // Set curve preferences + if curves := toCurvePreferences(setting.SSLCurvePreferences); len(curves) > 0 { + tlsConfig.CurvePreferences = curves + } + + // Set cipher suites + if ciphers := toTLSCiphers(setting.SSLCipherSuites); len(ciphers) > 0 { + tlsConfig.CipherSuites = ciphers + } + if enableHTTPChallenge { go func() { log.Info("Running Let's Encrypt handler on %s", setting.HTTPAddr+":"+setting.PortToRedirect) |