
*: use TLS.Config.MaxVersion to TLS 1.2

Signed-off-by: Gyuho Lee <leegyuho@amazon.com>
Gyuho Lee 6 years ago
parent
commit
a3f7202c5f
2 changed files with 10 additions and 3 deletions
  1. 0 3
      integration/v3_tls_test.go
  2. 10 0
      pkg/transport/listener.go

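--- a/integration/v3_tls_test.go
+++ b/integration/v3_tls_test.go
@@ -56,9 +56,6 @@ func testTLSCipherSuites(t *testing.T, valid bool) {
 	if err != nil {
 		t.Fatal(err)
 	}
-	// go1.13 enables TLS13 by default, and in TLS13, cipher suites are not configurable
-	// setting Max TLS version to TLS12 for go1.13
-	cc.MaxVersion = tls.VersionTLS12
 	cli, cerr := clientv3.New(clientv3.Config{
 		Endpoints:   []string{clus.Members[0].GRPCAddr()},
 		DialTimeout: time.Second,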

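--- a/pkg/transport/listener.go
+++ b/pkg/transport/listener.go
@@ -377,6 +377,11 @@ func (info TLSInfo) ServerConfig() (*tls.Config, error) {
 	// "h2" NextProtos is necessary for enabling HTTP2 for go's HTTP server
 	cfg.NextProtos = []string{"h2"}
 
+	// go1.13 enables TLS 1.3 by default
+	// and in TLS 1.3, cipher suites are not configurable
+	// setting Max TLS version to TLS 1.2 for go 1.13
+	cfg.MaxVersion = tls.VersionTLS12
+
 	return cfg, nil
 }
 
@@ -428,6 +433,11 @@ func (info TLSInfo) ClientConfig() (*tls.Config, error) {
 		}
 	}
 
+	// go1.13 enables TLS 1.3 by default
+	// and in TLS 1.3, cipher suites are not configurable
+	// setting Max TLS version to TLS 1.2 for go 1.13
+	cfg.MaxVersion = tls.VersionTLS12
+
 	return cfg, nil
 }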
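Review bot: The unconditional `cfg.MaxVersion = tls.VersionTLS12` at the end of ServerConfig, and the identical lines in ClientConfig, caps every listener and client built from TLSInfo at TLS 1.2. That includes deployments that never configure cipher suites and would otherwise negotiate TLS 1.3 under go1.13. If the cap exists only to keep a configured suite list enforceable, it could be limited to that case with `if len(cfg.CipherSuites) > 0 { cfg.MaxVersion = tls.VersionTLS12 }`. This assumes the suites are already copied into cfg by this point, which cannot be confirmed because both function bodies start outside the hunks. The comment should also state that this is a deliberate protocol downgrade and when it can be lifted, e.g. `// TLS 1.3 is disabled here so that the configured cipher suites stay enforceable; remove once suite policy no longer depends on it`.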