From 7c06c1399f1136a06880f42e7ec7805daad04b81 Mon Sep 17 00:00:00 2001
From: Earle Lowe <e.lowe@chia.net>
Date: Fri, 20 Dec 2024 10:19:27 -0800
Subject: [PATCH] Set minimum to TLSv1.3

---
 chia/server/server.py | 14 +-------------
 1 file changed, 1 insertion(+), 13 deletions(-)

diff --git a/chia/server/server.py b/chia/server/server.py
index 1ff72c2214a5..5e35a7350763 100644
--- a/chia/server/server.py
+++ b/chia/server/server.py
@@ -58,19 +58,7 @@ def ssl_context_for_server(
 
     ssl_context = ssl._create_unverified_context(purpose=ssl.Purpose.CLIENT_AUTH, cafile=str(ca_cert))
     ssl_context.check_hostname = False
-    ssl_context.minimum_version = ssl.TLSVersion.TLSv1_2
-    ssl_context.set_ciphers(
-        "ECDHE-ECDSA-AES256-GCM-SHA384:"
-        "ECDHE-RSA-AES256-GCM-SHA384:"
-        "ECDHE-ECDSA-CHACHA20-POLY1305:"
-        "ECDHE-RSA-CHACHA20-POLY1305:"
-        "ECDHE-ECDSA-AES128-GCM-SHA256:"
-        "ECDHE-RSA-AES128-GCM-SHA256:"
-        "ECDHE-ECDSA-AES256-SHA384:"
-        "ECDHE-RSA-AES256-SHA384:"
-        "ECDHE-ECDSA-AES128-SHA256:"
-        "ECDHE-RSA-AES128-SHA256"
-    )
+    ssl_context.minimum_version = ssl.TLSVersion.TLSv1_3
     ssl_context.load_cert_chain(certfile=str(cert_path), keyfile=str(key_path))
     ssl_context.verify_mode = ssl.CERT_REQUIRED
     return ssl_context