diff --git a/internalshared/configutil/listener.go b/internalshared/configutil/listener.go index 64e618489..7260c9cc1 100644 --- a/internalshared/configutil/listener.go +++ b/internalshared/configutil/listener.go @@ -55,8 +55,6 @@ type Listener struct { TLSMaxVersion string `hcl:"tls_max_version"` TLSCipherSuites []uint16 `hcl:"-"` TLSCipherSuitesRaw string `hcl:"tls_cipher_suites"` - TLSPreferServerCipherSuites bool `hcl:"-"` - TLSPreferServerCipherSuitesRaw interface{} `hcl:"tls_prefer_server_cipher_suites"` TLSRequireAndVerifyClientCert bool `hcl:"-"` TLSRequireAndVerifyClientCertRaw interface{} `hcl:"tls_require_and_verify_client_cert"` TLSClientCAFile string `hcl:"tls_client_ca_file"` @@ -216,14 +214,6 @@ func ParseListeners(result *SharedConfig, list *ast.ObjectList) error { } } - if l.TLSPreferServerCipherSuitesRaw != nil { - if l.TLSPreferServerCipherSuites, err = parseutil.ParseBool(l.TLSPreferServerCipherSuitesRaw); err != nil { - return multierror.Prefix(fmt.Errorf("invalid value for tls_prefer_server_cipher_suites: %w", err), fmt.Sprintf("listeners.%d", i)) - } - - l.TLSPreferServerCipherSuitesRaw = nil - } - if l.TLSRequireAndVerifyClientCertRaw != nil { if l.TLSRequireAndVerifyClientCert, err = parseutil.ParseBool(l.TLSRequireAndVerifyClientCertRaw); err != nil { return multierror.Prefix(fmt.Errorf("invalid value for tls_require_and_verify_client_cert: %w", err), fmt.Sprintf("listeners.%d", i)) diff --git a/internalshared/listenerutil/listener.go b/internalshared/listenerutil/listener.go index c6801aa40..c5b77f287 100644 --- a/internalshared/listenerutil/listener.go +++ b/internalshared/listenerutil/listener.go @@ -101,10 +101,9 @@ func TLSConfig( PASSPHRASECORRECT: tlsConf := &tls.Config{ - GetCertificate: cg.GetCertificate, - NextProtos: []string{"h2", "http/1.1"}, - ClientAuth: tls.RequestClientCert, - PreferServerCipherSuites: l.TLSPreferServerCipherSuites, + GetCertificate: cg.GetCertificate, + NextProtos: []string{"h2", "http/1.1"}, + ClientAuth: tls.RequestClientCert, } if l.TLSMinVersion == "" {