Merge pull request #498 from GeorgianaElena/tls_version

Set tls 1.2 to be the min version
2025-12-18 21:54:05 +08:00 · 2020-01-31 12:41:00 -08:00
parent af55717b6f 8e3131c8f1
commit edb7c29daf
2 changed files with 3 additions and 1 deletions
--- a/tests/test_traefik.py
+++ b/tests/test_traefik.py
@@ -69,7 +69,7 @@ def test_letsencrypt_config(tljh_dir):

    assert cfg["entryPoints"] == {
        "http": {"address": ":80", "redirect": {"entryPoint": "https"}},
-        "https": {"address": ":443", "tls": {}},
+        "https": {"address": ":443", "tls": {"minVersion": "VersionTLS12"}},
        "auth_api": {
            "address": "127.0.0.1:8099",
            "auth": {
@@ -110,6 +110,7 @@ def test_manual_ssl_config(tljh_dir):
        "https": {
            "address": ":443",
            "tls": {
+                "minVersion": "VersionTLS12",
                "certificates": [
                    {"certFile": "/path/to/ssl.cert", "keyFile": "/path/to/ssl.key"}
                ]
--- a/tljh/traefik.toml.tpl
+++ b/tljh/traefik.toml.tpl
@@ -34,6 +34,7 @@ idleTimeout = "10m0s"
  [entryPoints.https]
  address = ":{{https['port']}}"
  [entryPoints.https.tls]
+  minVersion = "VersionTLS12"
  {% if https['tls']['cert'] %}
    [[entryPoints.https.tls.certificates]]
      certFile = "{{https['tls']['cert']}}"