From d9d8470b3a8309298a0f261ae0b916e65e2b6434 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Micha=C5=82=20Adamski?= <michal@ert.pl>
Date: Wed, 23 Mar 2022 00:16:58 +0100
Subject: [PATCH] a lot of clients is still using tls 1.0

---
 main.go | 24 ++++++++++++------------
 1 file changed, 12 insertions(+), 12 deletions(-)

diff --git a/main.go b/main.go
index a385492..dfd8dbf 100644
--- a/main.go
+++ b/main.go
@@ -72,18 +72,18 @@ func myListener(domains ...string) net.Listener {
 		NextProtos: []string{
 			"http/1.1", "acme-tls/1",
 		},
-		MinVersion: tls.VersionTLS12,
-		CipherSuites: []uint16{
-			tls.TLS_AES_128_GCM_SHA256,
-			tls.TLS_AES_256_GCM_SHA384,
-			tls.TLS_CHACHA20_POLY1305_SHA256,
-			tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
-			tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
-			tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
-			tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
-			tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
-			tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
-		},
+		// MinVersion: tls.VersionTLS12,
+		// CipherSuites: []uint16{
+		// 	tls.TLS_AES_128_GCM_SHA256,
+		// 	tls.TLS_AES_256_GCM_SHA384,
+		// 	tls.TLS_CHACHA20_POLY1305_SHA256,
+		// 	tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
+		// 	tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
+		// 	tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
+		// 	tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
+		// 	tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
+		// 	tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
+		// },
 	}
 	ln, err := tls.Listen("tcp", ":443", cfg)
 	if err != nil {