From 329baa949ea4813fc5f613cbae225d1dd93e2ee1 Mon Sep 17 00:00:00 2001
From: kruskall <99559985+kruskall@users.noreply.github.com>
Date: Tue, 29 Aug 2023 16:09:07 +0200
Subject: [PATCH] test: use tls 1.2 on TLSClientAuth test (#11510)

This test is failing on Go 1.21+ because the alert/error message was
fixed is now returning 'certificate required' instead of
'bad certificate'.

See https://go.dev/doc/go1.21#crypto/tls
---
 systemtest/tls_test.go | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/systemtest/tls_test.go b/systemtest/tls_test.go
index b32f2bfd69a..17a89bf2072 100644
--- a/systemtest/tls_test.go
+++ b/systemtest/tls_test.go
@@ -94,7 +94,11 @@ func TestTLSClientAuth(t *testing.T) {
 		return nil
 	}
 
-	err := attemptRequest(t, &tls.Config{InsecureSkipVerify: true})
+	err := attemptRequest(t, &tls.Config{
+		InsecureSkipVerify: true,
+		// TODO remove this and update the error message once we bump to go 1.21
+		MaxVersion: tls.VersionTLS12,
+	})
 	require.Error(t, err)
 	assert.Regexp(t, "tls: bad certificate", err.Error())
 	logs := srv.Logs.Iterator()