From 44f5859381567d8b5efd89d8d2deb405bf18150e Mon Sep 17 00:00:00 2001
From: GeorgianaElena <georgiana.dolocan@gmail.com>
Date: Fri, 31 Jan 2020 12:29:25 +0200
Subject: [PATCH 1/2] Set tls min version

---
 tljh/traefik.toml.tpl | 1 +
 1 file changed, 1 insertion(+)

diff --git a/tljh/traefik.toml.tpl b/tljh/traefik.toml.tpl
index 2b88b77..1b6de8f 100644
--- a/tljh/traefik.toml.tpl
+++ b/tljh/traefik.toml.tpl
@@ -34,6 +34,7 @@ idleTimeout = "10m0s"
   [entryPoints.https]
   address = ":{{https['port']}}"
   [entryPoints.https.tls]
+  minVersion = "VersionTLS12"
   {% if https['tls']['cert'] %}
     [[entryPoints.https.tls.certificates]]
       certFile = "{{https['tls']['cert']}}"

From 8e3131c8f13a60c166eaaa98835ddea5aef8fc92 Mon Sep 17 00:00:00 2001
From: GeorgianaElena <georgiana.dolocan@gmail.com>
Date: Fri, 31 Jan 2020 12:35:34 +0200
Subject: [PATCH 2/2] Update tests

---
 tests/test_traefik.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/tests/test_traefik.py b/tests/test_traefik.py
index 4ef9065..e15be9c 100644
--- a/tests/test_traefik.py
+++ b/tests/test_traefik.py
@@ -69,7 +69,7 @@ def test_letsencrypt_config(tljh_dir):
 
     assert cfg["entryPoints"] == {
         "http": {"address": ":80", "redirect": {"entryPoint": "https"}},
-        "https": {"address": ":443", "tls": {}},
+        "https": {"address": ":443", "tls": {"minVersion": "VersionTLS12"}},
         "auth_api": {
             "address": "127.0.0.1:8099",
             "auth": {
@@ -110,6 +110,7 @@ def test_manual_ssl_config(tljh_dir):
         "https": {
             "address": ":443",
             "tls": {
+                "minVersion": "VersionTLS12",
                 "certificates": [
                     {"certFile": "/path/to/ssl.cert", "keyFile": "/path/to/ssl.key"}
                 ]