From bdc589762a24fadea36f652ef7bd932df243a75c Mon Sep 17 00:00:00 2001 From: Andrew Ayer Date: Wed, 14 May 2025 18:41:27 -0400 Subject: [PATCH] Improve http.Client configuration Ensure HTTP/2 can be used. Set IdleConnTimeout to the net/http default. Remove MaxIdleConns limit so that connections are more likely to be reused. --- ctclient/client.go | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/ctclient/client.go b/ctclient/client.go index 69acec2..a587c32 100644 --- a/ctclient/client.go +++ b/ctclient/client.go @@ -32,9 +32,7 @@ func NewHTTPClient(dialContext func(context.Context, string, string) (net.Conn, TLSHandshakeTimeout: 15 * time.Second, ResponseHeaderTimeout: 30 * time.Second, MaxIdleConnsPerHost: 10, - DisableKeepAlives: false, - MaxIdleConns: 100, - IdleConnTimeout: 15 * time.Second, + IdleConnTimeout: 90 * time.Second, ExpectContinueTimeout: 1 * time.Second, TLSClientConfig: &tls.Config{ // We have to disable TLS certificate validation because because several logs @@ -46,7 +44,8 @@ func NewHTTPClient(dialContext func(context.Context, string, string) (net.Conn, // updating should a log ever change to a different CA.) InsecureSkipVerify: true, }, - DialContext: dialContext, + DialContext: dialContext, + ForceAttemptHTTP2: true, }, CheckRedirect: func(*http.Request, []*http.Request) error { return errors.New("redirects not followed")