From 6a848b1a16437fe216cb26a14ee9fcb5c5785464 Mon Sep 17 00:00:00 2001
From: hanslivingstone <20542150+hanslivingstone@users.noreply.github.com>
Date: Tue, 30 Jul 2024 14:18:33 -0700
Subject: [PATCH] Require a minimum of TLS 1.2 (#1889)

TLS 1. is deprecated: https://www.ietf.org/rfc/rfc8996.html
---
 httplib.h | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/httplib.h b/httplib.h
index d170f32..c7c395f 100644
--- a/httplib.h
+++ b/httplib.h
@@ -8718,7 +8718,7 @@ inline SSLServer::SSLServer(const char *cert_path, const char *private_key_path,
                         SSL_OP_NO_COMPRESSION |
                             SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION);
 
-    SSL_CTX_set_min_proto_version(ctx_, TLS1_1_VERSION);
+    SSL_CTX_set_min_proto_version(ctx_, TLS1_2_VERSION);
 
     if (private_key_password != nullptr && (private_key_password[0] != '\0')) {
       SSL_CTX_set_default_passwd_cb_userdata(
@@ -8750,7 +8750,7 @@ inline SSLServer::SSLServer(X509 *cert, EVP_PKEY *private_key,
                         SSL_OP_NO_COMPRESSION |
                             SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION);
 
-    SSL_CTX_set_min_proto_version(ctx_, TLS1_1_VERSION);
+    SSL_CTX_set_min_proto_version(ctx_, TLS1_2_VERSION);
 
     if (SSL_CTX_use_certificate(ctx_, cert) != 1 ||
         SSL_CTX_use_PrivateKey(ctx_, private_key) != 1) {