Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
A sample tls server configuration that scored reasonably well on the Qualys SSL test.
srv := &http.Server{
Addr: ":443",
TLSConfig: &tls.Config{
CipherSuites: []uint16{
tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
tls.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
tls.TLS_ECDHE_RSA_WITH_RC4_128_SHA,
},
},
}
// and don't forget this:
//
// w.Header().Set("Strict-Transport-Security","max-age=31536000; includeSubdomains")
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment