Golang : Use TLS version 1.2 and enforce server security configuration over client
Problem:
You want to force your Golang program to use TLS(Transport Layer Security) protocol version 1.2 only and use server TLS configuration instead of client. How to do that?
Solution:
Set the MinVersion, MaxVersion parameters to tls.VersionTLS12
and PreferServerCipherSuites to true
. Setting PreferServerCipherSuites will force client to use server TLS configuration.
config.MinVersion = tls.VersionTLS12
config.MaxVersion = tls.VersionTLS12
config.PreferServerCipherSuites = true
For example:
config := tls.Config{Certificates : []tls.Certificate{certificate}, ClientAuth: tls.RequireAnyClientCert}
config.CipherSuites = []uint16{
tls.TLS_RSA_WITH_AES_256_CBC_SHA,
tls.TLS_RSA_WITH_AES_128_CBC_SHA,
tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
tls.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256}
config.MinVersion = tls.VersionTLS12
config.MaxVersion = tls.VersionTLS12
config.PreferServerCipherSuites = true
References:
See also : Golang : Use modern ciphers only in secure connection
By Adam Ng
IF you gain some knowledge or the information here solved your programming problem. Please consider donating to the less fortunate or some charities that you like. Apart from donation, planting trees, volunteering or reducing your carbon footprint will be great too.
Advertisement
Tutorials
+6.3k Golang : How to determine if request or crawl is from Google robots
+4.4k MariaDB/MySQL : How to get version information
+45.7k Golang : Read tab delimited file with encoding/csv package
+15.1k Golang : invalid character ',' looking for beginning of value
+14.3k Golang : Convert(cast) int to float example
+14.9k Golang : Get HTTP protocol version example
+14k Golang : Get uploaded file name or access uploaded files
+26.5k Golang : Convert file content into array of bytes
+6.4k Golang : How to validate ISBN?
+11.7k Golang : Clean formatting/indenting or pretty print JSON result
+5.7k Unix/Linux : How to open tar.gz file ?
+11.8k Golang : Decompress zlib file example