Commit 859a93d2 authored by Eldin Hadzic's avatar Eldin Hadzic

Fix for #721

parent a14fce0b
...@@ -404,7 +404,7 @@ const AlternatePort = "5033" ...@@ -404,7 +404,7 @@ const AlternatePort = "5033"
// KeyType is the type to use for new keys. // KeyType is the type to use for new keys.
// This shouldn't need to change except for in tests; // This shouldn't need to change except for in tests;
// the size can be drastically reduced for speed. // the size can be drastically reduced for speed.
var KeyType acme.KeyType var KeyType = acme.RSA2048
// stopChan is used to signal the maintenance goroutine // stopChan is used to signal the maintenance goroutine
// to terminate. // to terminate.
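Review bot: The doc comment on `KeyType` does not state the default or when the value may be changed, and with the initializer now on the declaration this exported, mutable variable decides the type of every newly generated key. I would extend the comment with `// The default is acme.RSA2048. Tests that lower it should restore the previous value when they finish.` An assignment of a smaller type anywhere outside tests would weaken new keys for the whole process, so the comment is the right place to say that only tests should touch it.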
......
...@@ -228,10 +228,6 @@ func loadCertsInDir(c *setup.Controller, dir string) error { ...@@ -228,10 +228,6 @@ func loadCertsInDir(c *setup.Controller, dir string) error {
// port to 443 if not already set, TLS is enabled, TLS is manual, and the host // port to 443 if not already set, TLS is enabled, TLS is manual, and the host
// does not equal localhost. // does not equal localhost.
func setDefaultTLSParams(c *server.Config) { func setDefaultTLSParams(c *server.Config) {
if KeyType == "" {
KeyType = acme.RSA2048
}
// If no ciphers provided, use default list // If no ciphers provided, use default list
if len(c.TLS.Ciphers) == 0 { if len(c.TLS.Ciphers) == 0 {
c.TLS.Ciphers = defaultCiphers c.TLS.Ciphers = defaultCiphers
......
...@@ -55,6 +55,11 @@ func TestSetupParseBasic(t *testing.T) { ...@@ -55,6 +55,11 @@ func TestSetupParseBasic(t *testing.T) {
t.Errorf("Expected 'tls1.2 (0x0303)' as ProtocolMaxVersion, got %v", c.TLS.ProtocolMaxVersion) t.Errorf("Expected 'tls1.2 (0x0303)' as ProtocolMaxVersion, got %v", c.TLS.ProtocolMaxVersion)
} }
// KeyType default
if KeyType != acme.RSA2048 {
t.Errorf("Expected '2048' as KeyType, got %#v", KeyType)
}
// Cipher checks // Cipher checks
expectedCiphers := []uint16{ expectedCiphers := []uint16{
tls.TLS_FALLBACK_SCSV, tls.TLS_FALLBACK_SCSV,
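Review bot: The added `KeyType != acme.RSA2048` check reads a package-level variable that, per its own doc comment, tests are expected to lower for speed, so whether it passes depends on which tests ran earlier in the package and whether they restored the value. Consider a small dedicated test for the default, or a save-and-restore in every test that changes the variable, with a comment such as `// KeyType must still be the package default; no test may leave it lowered.` The failure message hard-codes '2048', which only matches if that is the string behind acme.RSA2048; formatting the expected constant with `%#v` as well would avoid that assumption. TestSetupParseBasic starts and ends outside the hunk.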
......