26 lines
642 B
Go
26 lines
642 B
Go
|
package client
|
||
|
|
|
||
|
|
import (
|
||
|
|
"crypto/tls"
|
||
|
|
"net/http"
|
||
|
|
)
|
||
|
|
|
||
|
|
func newTLSTransport(skipVerify bool) *http.Transport {
|
||
|
|
// based on https://github.com/denji/golang-tls
|
||
|
|
tlsCfg := &tls.Config{
|
||
|
|
MinVersion: tls.VersionTLS12,
|
||
|
|
CurvePreferences: []tls.CurveID{tls.CurveP521, tls.CurveP384, tls.CurveP256},
|
||
|
|
PreferServerCipherSuites: true,
|
||
|
|
CipherSuites: []uint16{
|
||
|
|
tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
|
||
|
|
tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
|
||
|
|
tls.TLS_RSA_WITH_AES_256_GCM_SHA384,
|
||
|
|
tls.TLS_RSA_WITH_AES_256_CBC_SHA,
|
||
|
|
},
|
||
|
|
InsecureSkipVerify: skipVerify,
|
||
|
|
}
|
||
|
|
return &http.Transport{
|
||
|
|
TLSClientConfig: tlsCfg,
|
||
|
|
}
|
||
|
|
}
|