Join GitHub today
GitHub is home to over 36 million developers working together to host and review code, manage projects, and build software together.Sign up
net/http: Transport VerifyHostname should be optional when using TLS #11076
There should be an option to verify the certificate chain without verifying the hostname. Currently you can only disable both certificate and hostname verification using InsecureSkipVerify.
A new boolean should be added to tls.Config named
That sounds like a bad idea and a painful maintenance cost going forward. You're now running a forked version of Go instead of using the mechanisms it already provides. The
But like I said, this should be discussed on the golang-nuts list. I'm just leaving this note here in case anybody finds this and considers making your same mistake.