Merge pull request #11660 from ninjadq/add_tls_12_min_version_for_registry

Add tls 12 min version for registry

make/photon/prepare/templates/registry/config.yml.jinja

@@ -24,6 +24,8 @@ http:
 {% if internal_tls.enabled %}
   addr: :5443
   tls:
+    certificate: /etc/harbor/tls/registry.crt
+    key: /etc/harbor/tls/registry.key
     minimumtls: tls1.2
 {% else %}
   addr: :5000
@@ -31,12 +33,6 @@ http:
   secret: placeholder
   debug:
     addr: localhost:5001
-{% if internal_tls.enabled %}
-  tls:
-    certificate: /etc/harbor/tls/registry.crt
-    key: /etc/harbor/tls/registry.key
-{% endif %}
-
 auth:
   htpasswd:
     realm: harbor-registry-basic-realm

src/common/http/client.go

@@ -57,6 +57,8 @@ func init() {
 	}
 }
 
+// Use this instead of Default Transport in library because it sets ForceAttemptHTTP2 to true
+// And that options introduced in go 1.13 will cause the https requests hang forever in replication environment
 func newDefaultTransport() *http.Transport {
 	return &http.Transport{
 		Proxy: http.ProxyFromEnvironment,