From 8bd66c985a12bc3b4ab5a149c437ec5e82321c6a Mon Sep 17 00:00:00 2001
From: Kenjiro Nakayama <nakayamakenjiro@gmail.com>
Date: Wed, 7 Jun 2023 09:59:41 +0900
Subject: [PATCH] Set TLS minimum version to 1.3 for Ingress to Activator

---
 cmd/activator/main.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/cmd/activator/main.go b/cmd/activator/main.go
index ee227c7dc0ea..86ecba021f53 100644
--- a/cmd/activator/main.go
+++ b/cmd/activator/main.go
@@ -285,7 +285,7 @@ func main() {
 		name, server := "https", pkgnet.NewServer(":"+strconv.Itoa(networking.BackendHTTPSPort), ah)
 		go func(name string, s *http.Server) {
 			s.TLSConfig = &tls.Config{
-				MinVersion:     tls.VersionTLS12,
+				MinVersion:     tls.VersionTLS13,
 				GetCertificate: certCache.GetCertificate,
 			}
 			// Don't forward ErrServerClosed as that indicates we're already shutting down.