Merge pull request #527 from akutz/bugfix/tls-insecure-parsing

Fix for TLS Insecure Parsing
thecodeteam · Apr 30, 2017 · 1ee78da · 1ee78da
2 parents d414c47 + e65dce0
commit 1ee78da
Showing 1 changed file with 2 additions and 1 deletion.
diff --git a/api/utils/utils_tls.go b/api/utils/utils_tls.go
@@ -100,6 +100,7 @@ func ParseTLSConfig(
 		if strings.EqualFold(v, "insecure") {
 			f(types.ConfigTLS, "insecure")
 			newTLS(types.ConfigTLS, "insecure")
+			tlsConfig.InsecureSkipVerify = true
 
 			// check to see if TLS is enabled with peers
 		} else if strings.EqualFold(v, "verifyPeers") {
@@ -147,7 +148,6 @@ func ParseTLSConfig(
 		newTLS(types.ConfigTLSClientCertRequired, true)
 		f(types.ConfigTLSClientCertRequired, true)
 		tlsConfig.ClientAuth = tls.RequireAndVerifyClientCert
-		f(types.ConfigTLSClientCertRequired, true)
 	}
 
 	if v := getString(config, types.ConfigTLSServerName, roots...); v != "" {
@@ -182,6 +182,7 @@ func ParseTLSConfig(
 		f(types.ConfigTLSKnownHosts, khFile)
 		tlsConfig.SysKnownHosts = khFile
 		tlsConfig.VerifyPeers = true
+		tlsConfig.InsecureSkipVerify = true
 
 		return nil
 	}(); err != nil {