WIP: initial mtls package #133
@ -179,7 +179,7 @@ type ServerOption func(*ServerOptions)
|
|||||||
|
|||||||
|
|
||||||
func NewServerConfig(src *tls.Config) *tls.Config {
|
func NewServerConfig(src *tls.Config) *tls.Config {
|
||||||
dst := src.Clone()
|
dst := src.Clone()
|
||||||
dst.InsecureSkipVerify = true
|
// dst.InsecureSkipVerify = true
|
||||||
Disabled TLS certificate checkInsecureSkipVerify should not be used in production code. ## Disabled TLS certificate check
InsecureSkipVerify should not be used in production code.
[Show more details](https://github.com/unistack-org/micro/security/code-scanning/2)
Disabled TLS certificate checkInsecureSkipVerify should not be used in production code. ## Disabled TLS certificate check
InsecureSkipVerify should not be used in production code.
[Show more details](https://github.com/unistack-org/micro/security/code-scanning/2)
|
|||||||
dst.MinVersion = tls.VersionTLS13
|
dst.MinVersion = tls.VersionTLS13
|
||||||
dst.ClientAuth = tls.VerifyClientCertIfGiven
|
dst.ClientAuth = tls.VerifyClientCertIfGiven
|
||||||
return dst
|
return dst
|
||||||
|
|||||||
Disabled TLS certificate checkInsecureSkipVerify should not be used in production code. ## Disabled TLS certificate check
InsecureSkipVerify should not be used in production code.
[Show more details](https://github.com/unistack-org/micro/security/code-scanning/2)
Disabled TLS certificate checkInsecureSkipVerify should not be used in production code. ## Disabled TLS certificate check
InsecureSkipVerify should not be used in production code.
[Show more details](https://github.com/unistack-org/micro/security/code-scanning/2)
|
Loading…
Reference in New Issue
Block a user
Disabled TLS certificate check
InsecureSkipVerify should not be used in production code.
Show more details
Disabled TLS certificate check
InsecureSkipVerify should not be used in production code.
Show more details