Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
crypto/tls: TLS 1.3 only negotiates weakest possible cipher #35096
What version of Go are you using (
Without PreferServerCihersuites the preference order is based on the client's preference. The server side preference order is based on the hardware support, to optimize for the best performance, as all cipher suites provide plenty of security margin. crypto/tls doesn't let applications configure a number of things (like signature algorithms) when a safe choice can be made by the library, cipher suites are no different.