diff --git a/api/api.go b/api/api.go index 5816d6c..62f300f 100755 --- a/api/api.go +++ b/api/api.go @@ -267,6 +267,9 @@ func New( c.http.Transport = &http.Transport{ TLSClientConfig: &tls.Config{ InsecureSkipVerify: true, //nolint:gosec,G402 + MinVersion: tls.VersionTLS12, + MaxVersion: tls.VersionTLS13, + CipherSuites: GetSecuredCipherSuites(), }, } } else { @@ -278,6 +281,9 @@ func New( TLSClientConfig: &tls.Config{ //nolint:gosec,G402 RootCAs: pool, InsecureSkipVerify: false, + MinVersion: tls.VersionTLS12, + MaxVersion: tls.VersionTLS13, + CipherSuites: GetSecuredCipherSuites(), }, } } @@ -745,3 +751,12 @@ func FetchValueIndexForKey(l string, match string, sep string) (int, int, int) { } return startIndex, endIndex, len(match) } + +// GetSecuredCipherSuites returns a set of secure cipher suites. +func GetSecuredCipherSuites() (suites []uint16) { + securedSuite := tls.CipherSuites() + for _, v := range securedSuite { + suites = append(suites, v.ID) + } + return suites +}