From 095be83f2f31e608aa6d8cac5d16fcf259be3f9d Mon Sep 17 00:00:00 2001
From: Nikolay <nik@victoriametrics.com>
Date: Wed, 13 Jan 2021 01:35:47 +0300
Subject: [PATCH] bumps minimal tls version (#1012)

---
 lib/httpserver/httpserver.go | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/lib/httpserver/httpserver.go b/lib/httpserver/httpserver.go
index 5f202289e..d34ccd7e4 100644
--- a/lib/httpserver/httpserver.go
+++ b/lib/httpserver/httpserver.go
@@ -89,7 +89,9 @@ func Serve(addr string, rh RequestHandler) {
 			logger.Fatalf("cannot load TLS cert from tlsCertFile=%q, tlsKeyFile=%q: %s", *tlsCertFile, *tlsKeyFile, err)
 		}
 		cfg := &tls.Config{
-			Certificates: []tls.Certificate{cert},
+			Certificates:             []tls.Certificate{cert},
+			MinVersion:               tls.VersionTLS12,
+			PreferServerCipherSuites: true,
 		}
 		ln = tls.NewListener(ln, cfg)
 	}