If you run a Go server that supports SSL/TLS, you should update your configuration to disable SSLv3 today. The sample code below sets the minimum accepted protocol version to TLSv1, and reorders the ciphersuite list to match Mozilla's Server Side TLS guidelines.
Thank you to @jrconlin for the code cleanup!
package main
import (
	"crypto/rand"
	"crypto/tls"
	"fmt"
	"net"
)
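// main starts a TLS-only listener on 127.0.0.1:50443, greets every client
// with "ohai" and closes the connection. The tls.Config is the point of the
// example: MinVersion rejects SSLv3 (and SSLv2) handshakes, and CipherSuites
// pins an explicit, server-ordered suite list instead of the library default.
func main() {
	certificate, err := tls.LoadX509KeyPair("server.pem", "server.key")
	if err != nil {
		panic(err)
	}

	config := tls.Config{
		Certificates: []tls.Certificate{certificate},
		// TLS 1.0 is the floor needed to shut out SSLv3; raise it once
		// legacy clients no longer require 1.0/1.1.
		MinVersion: tls.VersionTLS10,
		// Apply the order below rather than the client's preference.
		// (Go 1.17 and later ignore this field and always use their own
		// ordering; it is harmless to keep for older toolchains.)
		PreferServerCipherSuites: true,
		// Strongest first: AEAD suites with ephemeral ECDH, then CBC suites
		// that still give forward secrecy, then plain RSA key exchange (no
		// forward secrecy) and 3DES as a last resort for legacy clients.
		CipherSuites: []uint16{
			tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
			tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
			tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
			tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
			tls.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
			tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
			tls.TLS_RSA_WITH_AES_128_CBC_SHA,
			tls.TLS_RSA_WITH_AES_256_CBC_SHA,
			tls.TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
			tls.TLS_RSA_WITH_3DES_EDE_CBC_SHA,
		},
	}
	// crypto/tls already falls back to crypto/rand when Rand is nil; setting
	// it explicitly just makes the entropy source visible to the reader.
	config.Rand = rand.Reader

	// tls.Listen already returns a listener whose Accept yields TLS
	// connections. Wrapping it in tls.NewListener a second time (as the
	// original did) would try to negotiate TLS inside TLS.
	listener, err := tls.Listen("tcp", "127.0.0.1:50443", &config)
	if err != nil {
		panic(err)
	}
	defer listener.Close()

	fmt.Println("I am listening...")
	for {
		conn, err := listener.Accept()
		if err != nil {
			// A failed Accept returns a nil conn; skipping the iteration
			// avoids the nil dereference the original hit on the next line.
			fmt.Println(err)
			continue
		}
		greet(conn)
	}
}

// greet sends "ohai" to one client and closes the connection. It is a
// separate function so that defer closes the connection on every path,
// including a failed Write, without deferring inside the accept loop.
func greet(conn net.Conn) {
	defer conn.Close()
	fmt.Printf("Got a new connection from %s. Say Hi!\n", conn.RemoteAddr())
	// The TLS handshake runs lazily on the first Write, so a handshake
	// failure surfaces here rather than at Accept.
	if _, err := conn.Write([]byte("ohai")); err != nil {
		fmt.Println(err)
	}
}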
Run the server above with $ go run tls_server.go
and test the output with cipherscan:
$ ./cipherscan 127.0.0.1:50443
........
Target: 127.0.0.1:50443
prio ciphersuite protocols pfs_keysize
1 ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 ECDH,P-256,256bits
2 ECDHE-RSA-AES128-SHA TLSv1,TLSv1.1,TLSv1.2 ECDH,P-256,256bits
3 ECDHE-RSA-AES256-SHA TLSv1,TLSv1.1,TLSv1.2 ECDH,P-256,256bits
4 AES128-SHA TLSv1,TLSv1.1,TLSv1.2
5 AES256-SHA TLSv1,TLSv1.1,TLSv1.2
6 ECDHE-RSA-DES-CBC3-SHA TLSv1,TLSv1.1,TLSv1.2 ECDH,P-256,256bits
7 DES-CBC3-SHA TLSv1,TLSv1.1,TLSv1.2
Certificate: UNTRUSTED, 2048 bit, sha1WithRSAEncryption signature
TLS ticket lifetime hint: None
OCSP stapling: not supported
Server side cipher ordering