Add base TLS config if no client cert is used

SAP · Mar 25, 2024 · a7d5732 · a7d5732
1 parent 9945f6b
commit a7d5732
Showing 1 changed file with 4 additions and 1 deletion.
diff --git a/httpclient/httpclient.go b/httpclient/httpclient.go
@@ -23,7 +23,10 @@ const UserAgent = "go-sec-lib"
 // identity provides certificate and key
 func DefaultTLSConfig(identity env.Identity) (*tls.Config, error) {
 	if !identity.IsCertificateBased() {
-		return nil, nil
+		return &tls.Config{
+			MinVersion:    tls.VersionTLS12,
+			Renegotiation: tls.RenegotiateOnceAsClient,
+		}, nil
 	}
 	certPEMBlock := []byte(identity.GetCertificate())
 	keyPEMBlock := []byte(identity.GetKey())