Add Skip Verify for tls

2026-02-11 18:16:24 +05:00 · 2018-10-09 03:06:52 -04:00
parent b266ffd611
commit a03fe68839
11 changed files with 146 additions and 124 deletions
--- a/cmd/cgr-engine/cgr-engine.go
+++ b/cmd/cgr-engine/cgr-engine.go
@@ -1142,6 +1142,7 @@ func startRpc(server *utils.Server, internalRaterChan,
 				cfg.RPCGOBTLSListen,
 				cfg.TLSServerCerificate,
 				cfg.TLSServerKey,
+				cfg.TLSSkipVerify,
 			)
 		}
 	}
@@ -1153,6 +1154,7 @@ func startRpc(server *utils.Server, internalRaterChan,
 				cfg.RPCJSONTLSListen,
 				cfg.TLSServerCerificate,
 				cfg.TLSServerKey,
+				cfg.TLSSkipVerify,
 			)
 		}
 	}
@@ -1164,6 +1166,7 @@ func startRpc(server *utils.Server, internalRaterChan,
 				cfg.HTTPTLSListen,
 				cfg.TLSServerCerificate,
 				cfg.TLSServerKey,
+				cfg.TLSSkipVerify,
 				cfg.HTTPJsonRPCURL,
 				cfg.HTTPWSURL,
 				cfg.HTTPUseBasicAuth,
--- a/config/config.go
+++ b/config/config.go
@@ -265,6 +265,7 @@ type CGRConfig struct {
 	TLSServerKey             string            // path to server key
 	TLSClientCerificate      string            // path to client certificate
 	TLSClientKey             string            // path to client key
+	TLSSkipVerify            bool              // skip verification
 	HTTPJsonRPCURL           string            // JSON RPC relative URL ("" to disable)
 	HTTPFreeswitchCDRsURL    string            // Freeswitch CDRS relative URL ("" to disable)
 	HTTPCDRsURL              string            // CDRS relative URL ("" to disable)
@@ -918,6 +919,9 @@ func (self *CGRConfig) loadFromJsonCfg(jsnCfg *CgrJsonCfg) (err error) {
 		if jsnListenCfg.Tls_client_key != nil && *jsnListenCfg.Tls_client_key != "" {
 			self.TLSClientKey = *jsnListenCfg.Tls_client_key
 		}
+		if jsnListenCfg.Tls_skip_verify != nil {
+			self.TLSSkipVerify = *jsnListenCfg.Tls_skip_verify
+		}
 	}

 	if jsnHttpCfg != nil {
--- a/config/config_defaults.go
+++ b/config/config_defaults.go
@@ -89,6 +89,7 @@ const CGRATES_CFG_JSON = `
 	"tls_server_key":"",					// path to server key
 	"tls_client_certificate" : "",			// path to client certificate(must conatin client.crt + ca.crt)
 	"tls_client_key":"",					// path to client key
+	"tls_skip_verify":false,				// skip tls verification
 },


--- a/config/config_json_test.go
+++ b/config/config_json_test.go
@@ -180,6 +180,7 @@ func TestDfListenJsonCfg(t *testing.T) {
 		Tls_server_key:         utils.StringPointer(""),
 		Tls_client_certificate: utils.StringPointer(""),
 		Tls_client_key:         utils.StringPointer(""),
+		Tls_skip_verify:        utils.BoolPointer(false),
 	}
 	if cfg, err := dfCgrJsonCfg.ListenJsonCfg(); err != nil {
 		t.Error(err)
--- a/config/libconfig_json.go
+++ b/config/libconfig_json.go
@@ -56,6 +56,7 @@ type ListenJsonCfg struct {
 	Tls_server_key         *string
 	Tls_client_certificate *string
 	Tls_client_key         *string
+	Tls_skip_verify        *bool
 }

 // HTTP config section
--- a/data/tls/client.key
+++ b/data/tls/client.key
@@ -1,28 +1,28 @@
 -----BEGIN PRIVATE KEY-----
-MIIEwAIBADANBgkqhkiG9w0BAQEFAASCBKowggSmAgEAAoIBAQDnuCCAiHTpUIaf
-Lmzbu2ODPawjSdKsMaaZ/G9uP+pGAJ4/3np04j5mXjne3OtbN2iAClpYdhzbPCoL
-uFqfSTlE1JCg5s/6JoCvJQip4T+hTyx4xFVC01lwyL8BRrgPg/ucAA5l4w4VqxpX
-7zYz3TSpy9xZt9rII2iIR6GURfZjszK5KzBO/luEfJ9tefiRntwHfposdQY6iIKg
-4ahlKE/S9hgpby8NZa4QwNGrg6KmQtevsPgf46GDD5MRimmCqXo3zFIpjF6m3VKX
-nMpepFuFADJcijT6aqAkOQ60pta80jPugghHji7FB9KmT01rJloWtuN680orRe/q
-e3sxCr21AgMBAAECggEBANd8oa0mOSLoIelScSV+hDJ+XeCLPIGpwrcczDuI8MKc
-vI3ExbiA1Wq5YbPhWnX/dwzrk80EOh2fO7KehJfwrnNWAhG/09VbjPxTwlTJBjVq
-vX6phmiYx2pdJVN4gp7bLFeMrdcOagC4l80CxjNBGUJ2NLqygaDxXLqvcpHC5jkb
-naSkJ5EHCE/PHW3zmiEgmfyAWhrR+s1f2iFCHnw01zuMT8iimLmPsrK8xCEl57np
-+X3G1R3q4fKcAmaX5Q1uork6qPhX5SAsF2m0yHZZjeBbNKuMJPSwrM4A5iXiR27s
-qjGVn3w1JzDz1759WcP/nOUTWpuzY2AZ2MfKg+OIGJkCgYEA9PqZ3YNks7A1zQ03
-Kr7XrM6mnBGzSppyv1XnCZHhJMXuck1Zg01G7Xjtz761a1wYMze3hDj6Ekhs2z6e
-wMtMwWg2WLjkMe/GT1j1g5CbiNzlkDfnswL5ntT+1JcwVDqGCLIY1Awqz4485LDg
-J9ucFdrI0uTvzHl6ipYgagU3BusCgYEA8iTQzLIM9d6t6YQWHGkXiMEFQyvvq6ZK
-XwpgC5k47DGiaWUEc6g562+LVgKBPlJvLeh4IDe6ku10+JVxEQY/bWne3jNAU0IV
-8o+6v8XRfmVuG80tn8cc2wpmeUt5Bke1moef8rSxtnCeuJ7B+Eyr9W5TZcQ37uPd
-9UNn3OrjZd8CgYEA7BrWzmpDVPdAcxcIk1cJUJB+fS6GCSHf885b9Jo3TpTBIkKw
-Qd7pvBfvw2g/O3CwFjTd1z5+rb5Fw+yPXqrRmBnTPyE7NXGtRG4teZaWgIq9aYin
-85yrbkxEKipottUMtzbGvR/Y5t9kith5wZBj16BcKv3gq8Zst0LHjMbn6O8CgYEA
-yTxBbqxWSwt52wST356TGWrYdb+Q2kVDr4KO2XTIMrr5L7/tGDVplTlJQfyo7mNR
-1IRLOPM3kh3XxTNlGPHpSoPe3SkYv1i/pqs+V1wOQ44GGQLGdO/kEkGtcgaAGPEF
-gtxN2EXFH0qvDd2adEE786dxlbShi15COy9+pMFspF8CgYEAmxxOWc7Z4gEYwS9n
-2QrhSf2JCbInaZUnv+lr2x4pHUzZlKnY9QD0ta13Ub/uFScPvWQiAATsQTPgzysA
-w/uICbjDlF7hXk1+V4F2pxBwMcXEvl95PJ/Vedc1MSldUPH3TbKZpGr+NOXLp5th
-Cmg3FMWRvgp8nZ1bsPpm0mXzkSM=
+MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC3orFmu5WDjCxa
+N1mbIX/VMJSNj7FJJwb7CdXM5Qofs7YdqtqUwlUhHo9mPRa7xdGJtGx2MYd5m9jz
+gDfGaP0uUjzhXW/iVLGo4+5/G8mjsxmYFbT5qEUqPOQioLzlkZi2/FYmGamEPV/d
+epCs4C1djk9iw6LjRsTVxbHSv+BExPX3JXc8R+JtsabzX9t6j6Mp1XgWDMK+HNH9
+R+z/cv+KnEdR/G1nODUjBm1Jlb6A73S4vlo8QeGuVV+clh7I9lnuQOgGjAa7Gsng
+xK+YHA9gjnRFDbG2KY8JItUPSOgqpCz3ig2jNRePGr/3uTWt5q4MUBS428ThYvpr
+dgmywR5RAgMBAAECggEAF1OmX1tyyawTsj4XttoRh/5M0JKxPY6kl10PeKCboZ1N
+hAVBEOaCs9tS8fTOn3mofWqa4IS4Jd2DOKNP8ndBuhGeRC5/WOvTSZXypNjdy1qj
+5KrVO2WBq7TicfejJzJQiOYS93IJE5BMTjEUkbFEcf7y3KPnXCGQPWuIhDH1hiab
+xH8Dc0F3ylpryGvjOTNPVF0a4sGTqa6AeM7HjBPza/5iTwDkI8zm0qVXIHoizOLu
+yv+8iSXiX5pymfaRpHrLEAbFfrwxx7hOOstJg7dZ4gL+Sc8QgRDuYcSQlP1FgQVb
+gBtMnZHB1iJBAfX3zbmZd6byZBuBKn7wCaF83Su7sQKBgQDkAMlWPARM21TtqQ8w
+MePqxfOaboiVHqMfe/qMtUQVe5lXJaXZF5MdlD+hw/5fBc5JVCWXmICn7YwamRoK
+hDZe96asELtWdNBij8x2DzkKAvX0VaQGMyE9f68ksfrgA1AMndB9rMqFGzuGny7X
+7p0WMe/T/L09Th4tjmNJxCsjVQKBgQDOLzmJNQEJyMjW2Ltilh2S8h80tskEKbnG
+8d9+JzRPoUx8E8MgBXEqZB7HpyHdpo7OSCLQksR4GcDuCbDrzJAF8mUM1aDyk2kv
+xwGAgeE4D/wPu1dFehIVXfD06+5pn+A19DkIYvR6CjWo9uhZBWMEpDYPv0ov74SP
+lzD+RjUHDQKBgQCkGdDPSTkLHB2fRDuTQ4U4F6tCLmYNddSQN4pYNarAD4qJB6a7
+flU7R9UYl9kACUy0yGSaHIAU3UsmZaUxhoEfjv0eAJjlHARTvA27ty8lfoYJio4Y
+jDpTag/jyFm5W4kE250QpwnIDZalSPLNJYdYTy6/E7wcYJolzcK2eANYVQKBgQC2
+bBH702mXvo3ziM5B648+8/moKhCwHjrASj/y3bzqt0t0fAenzSjS2MJi4vyTn0m6
+ORiUcUZi/GY2NVzTQ6opmMzPDjPYa5QlMW2ixUb+0yWwxY/xaI+XWAZYrGXEDi/R
+jMLpKKQlVeMkG1B3csyozqEGTbjVsJUYdixizLseAQKBgGDLvc99O4PzYWoOqgFF
+S6M0gbKRpvMkE+1kzJeVIS1Swmd6xj7r6zWhR7jjfjF+EaOmGWHiAJgUriTuWurp
+gaqLCKEy0sXXH+gavwOdpZ/LDZNcNJy1E7YxAjT5+TcN8RhaqTl2n2VgxqGjUuly
+Qtyl5FcPS61M28iMB32RxWvx
 -----END PRIVATE KEY-----
--- a/data/tls/clientCA.crt
+++ b/data/tls/clientCA.crt
@@ -1,46 +1,46 @@
 -----BEGIN CERTIFICATE-----
-MIIDqDCCApACCQDN74icxWmu/DANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMC
+MIIDqDCCApACCQCvyT7v+o9lmTANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMC
 REUxEDAOBgNVBAgMB0JhdmFyaWExGDAWBgNVBAcMD0JhZCBSZWljaGVuaGFsbDER
 MA8GA1UECgwISVRzeXNDT00xDTALBgNVBAsMBHJvb3QxEjAQBgNVBAMMCWxvY2Fs
-aG9zdDEjMCEGCSqGSIb3DQEJARYUY29udGFjdEBpdHN5c2NvbS5jb20wHhcNMTgw
-NjA0MTMwNDUzWhcNMTgwNzA0MTMwNDUzWjCBljELMAkGA1UEBhMCREUxEDAOBgNV
+aG9zdDEjMCEGCSqGSIb3DQEJARYUY29udGFjdEBpdHN5c2NvbS5jb20wHhcNMTgx
+MDA4MTMwMDEyWhcNMTgxMTA3MTMwMDEyWjCBljELMAkGA1UEBhMCREUxEDAOBgNV
 BAgMB0JhdmFyaWExGDAWBgNVBAcMD0JhZCBSZWljaGVuaGFsbDERMA8GA1UECgwI
 SVRzeXNDT00xDzANBgNVBAsMBmNsaWVudDESMBAGA1UEAwwJbG9jYWxob3N0MSMw
 IQYJKoZIhvcNAQkBFhRjb250YWN0QGl0c3lzY29tLmNvbTCCASIwDQYJKoZIhvcN
-AQEBBQADggEPADCCAQoCggEBAOe4IICIdOlQhp8ubNu7Y4M9rCNJ0qwxppn8b24/
-6kYAnj/eenTiPmZeOd7c61s3aIAKWlh2HNs8Kgu4Wp9JOUTUkKDmz/omgK8lCKnh
-P6FPLHjEVULTWXDIvwFGuA+D+5wADmXjDhWrGlfvNjPdNKnL3Fm32sgjaIhHoZRF
-9mOzMrkrME7+W4R8n215+JGe3Ad+mix1BjqIgqDhqGUoT9L2GClvLw1lrhDA0auD
-oqZC16+w+B/joYMPkxGKaYKpejfMUimMXqbdUpecyl6kW4UAMlyKNPpqoCQ5DrSm
-1rzSM+6CCEeOLsUH0qZPTWsmWha243rzSitF7+p7ezEKvbUCAwEAATANBgkqhkiG
-9w0BAQsFAAOCAQEAyaAOowvVT7itzCRIC107I13JxFvj4rP4Thgsw2iRNkHvMkDV
-Nui0Wh47TVkZFEFmBPXvDF6g0/5nzqMsBZqNUeN0pkLbd+FOgtKoPg+4SZK0HM+6
-4FjiwdHMopOb13oQ0Z7RubWhbyt5h/e/VIjyomnmf6HoQMLEHXcJyKA7OtH0qwZq
-WxAjZvjCUo+Q9D6hgPsguXsgUnwDRl1ofbhDeESRZ+s01tl5znJa/JEjDR6TcAFi
-PETPiHaqRZGoPyA021bbnlG4qhYRDRgOsjQN1FC8LFi+Y4LmYhZKLDFjM4tpkdvS
-brXjOJ8406k/H+a2Wck4KuFbQvzozkl5GgSqeg==
+AQEBBQADggEPADCCAQoCggEBALeisWa7lYOMLFo3WZshf9UwlI2PsUknBvsJ1czl
+Ch+zth2q2pTCVSEej2Y9FrvF0Ym0bHYxh3mb2POAN8Zo/S5SPOFdb+JUsajj7n8b
+yaOzGZgVtPmoRSo85CKgvOWRmLb8ViYZqYQ9X916kKzgLV2OT2LDouNGxNXFsdK/
+4ETE9fcldzxH4m2xpvNf23qPoynVeBYMwr4c0f1H7P9y/4qcR1H8bWc4NSMGbUmV
+voDvdLi+WjxB4a5VX5yWHsj2We5A6AaMBrsayeDEr5gcD2COdEUNsbYpjwki1Q9I
+6CqkLPeKDaM1F48av/e5Na3mrgxQFLjbxOFi+mt2CbLBHlECAwEAATANBgkqhkiG
+9w0BAQsFAAOCAQEAw6XmdcrqgnG0oIEGWjV4wWdgk3dkAp8TQldfcubPRhI+zZgz
+JytHmCptTLIhEMgD2DXNkJxQDSDhXl2R0VIdvPxZj2JZhmxEcJH9lR2qjKL1rZWL
+2I7crwhRILEsV+pCc0yv4DT+uM4uWwnUF2LgvnSxgvjCg4A+IqtC02mijxNsG8+P
+rLal315MMW8SQEvZfNR5QGsOLlvkbuTOmKAcQWEnF/d+3EFYu7AhwrGFmYHf0D7Y
+VCqZZw1VdkAP88Cmb7PY/Dzr0wywcys8ajjP+Hl4AlH2a0+r62c65pi7xVVUfS07
+2cPGjst+ujBJvRCtRkwHKL5AFjXmC254fnxAwg==
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
-MIID/TCCAuWgAwIBAgIJAPtQI9LtiBDeMA0GCSqGSIb3DQEBCwUAMIGUMQswCQYD
+MIID/TCCAuWgAwIBAgIJAMQWZXxNuEsJMA0GCSqGSIb3DQEBCwUAMIGUMQswCQYD
 VQQGEwJERTEQMA4GA1UECAwHQmF2YXJpYTEYMBYGA1UEBwwPQmFkIFJlaWNoZW5o
 YWxsMREwDwYDVQQKDAhJVHN5c0NPTTENMAsGA1UECwwEcm9vdDESMBAGA1UEAwwJ
 bG9jYWxob3N0MSMwIQYJKoZIhvcNAQkBFhRjb250YWN0QGl0c3lzY29tLmNvbTAe
-Fw0xODA2MDQxMzA0NTNaFw0xODA3MDQxMzA0NTNaMIGUMQswCQYDVQQGEwJERTEQ
+Fw0xODEwMDgxMzAwMTJaFw0xODExMDcxMzAwMTJaMIGUMQswCQYDVQQGEwJERTEQ
 MA4GA1UECAwHQmF2YXJpYTEYMBYGA1UEBwwPQmFkIFJlaWNoZW5oYWxsMREwDwYD
 VQQKDAhJVHN5c0NPTTENMAsGA1UECwwEcm9vdDESMBAGA1UEAwwJbG9jYWxob3N0
 MSMwIQYJKoZIhvcNAQkBFhRjb250YWN0QGl0c3lzY29tLmNvbTCCASIwDQYJKoZI
-hvcNAQEBBQADggEPADCCAQoCggEBAN+V47Xtx0Yn0/pphvK44SII9cjNN5o2pncI
-Dp4c2kyOSfS/LYbU4W4S4u5B7BEvmeQ76C98L9nSy0pCDwFI1HdQ56hY46jNX0I8
-633W+zLqFHWokkNo/HxnCBbdixCsxTLlymrwGwMA5zF9f4cuySi78o6lRyN97RC3
-50hFjAXiTmNe9hgzf2imyag2FFVPhXPiMJyOJea+7AKUYsG+nO/lG992Gw9ShyXH
-FpcN7Avp+wuTgW4BFyUuQ94oiFthCcH1HtxXsPKse+6DEs7uFezL8xfMLeNbirAO
-Iq0ulEQPoF+eGq7Ne04lykdJ41RsWovthNlYifqsrWd/HtYErz8CAwEAAaNQME4w
-HQYDVR0OBBYEFCQBBGNhYiWifVlF8q1XYgXFUdLKMB8GA1UdIwQYMBaAFCQBBGNh
-YiWifVlF8q1XYgXFUdLKMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEB
-AHQRGykgGXU3Mfwi965GJBFx+pmYsEou4o37K/mLRfqCgxkc1NhEjRWtcu0BM4K7
-gPNzZmbvkAgypyb3YByIECQ5ieg3u4vWipq5xW3o/MrCNKIfMOBqDu3/mSiaEwHG
-civUcY4NBfbjnDCziKz0cCwfLeljV/Xqa4WPMf9lITbtNTvCKTTPlYgxycT1skXI
-XjmnJl1jBLsIke/O2TYHlQyaBz3owKrj2DZypy0ZX6UNb1BOddsjy01R0JgL/RDf
-TJLUwRG32prs1mPDe8RbSlM42eZ53cpq0oEOVlxOYJgovn+wC02Dsu/g9UDJ20Uw
-hWYtflU5IkMWOIn+YnKCpcs=
+hvcNAQEBBQADggEPADCCAQoCggEBAN4mozBW5qnEGpPfzcZI5D8WrgQLpJQgY7BQ
+gAuJTsssO2Nm5gX2Aa1/i4XNEykI+DiKPJZrHQsjQJdkCwAIiUdKUZr5bKlGXat7
+2T3btCDywTIdBsSC9QwUz+/kUNVZXeAoY99TuJ+JkhpZReoup/WivDvgXuts0u/R
+cfOna0qVnLWre1lpaMBfzofZ391VILyP+pg/MyLydghAy5e6WKyYJmHCFO6LrGSB
+tdHi20e5xbjZN59Rsp9m4XUmoeAIsjGe63gHhmWGETA6v5EnxqivRCJ3kB+/yOEc
+zgCoKCg98/ihXLbznOW3ijsZdMkfWX/1InNKMUO9vl3UFWnUPF0CAwEAAaNQME4w
+HQYDVR0OBBYEFDoQyjurTy3c58dlHEzF6uYhWNyiMB8GA1UdIwQYMBaAFDoQyjur
+Ty3c58dlHEzF6uYhWNyiMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEB
+AIAwLiwCNiN+Eiw1Od8/lwg6myE06BpFfKr6gX/khyGEXpaQN5NyyWL1xu+M60bZ
+fMM74m15UioBuK6aEM+yNTHWqmRWMn7WBpXtkvTE+jsejS7DLs89s6BQyrgItWEL
+gZEu6wlSe4e1Mt/0xjpmfDHCGyhQnoUCHakrdI+4wZ/6d4zF/SdAaYVa8mBKQGsu
+3n2gKtYc7OdaTOxS3Fj+UKodAPt1zTcUvZh3/dUIH3py3JNhdsAChg/2fLLFVJvb
+5MBEAY/KgrplaA1AxBcw55JIgGnUA1fO5dSo/M4fU2N5wEKBHheeTb4d2ZEojTGP
+K9DecQzJ3Sd26hhsXBML/OQ=
 -----END CERTIFICATE-----
--- a/data/tls/generate_certificate.sh
+++ b/data/tls/generate_certificate.sh
@@ -20,3 +20,5 @@ openssl x509 -req -in client.csr -CA ca.crt -CAkey ca.key -CAserial ca.srl -out

 # Combine client.crt + ca.crt
 cat client.crt ca.crt > clientCA.crt
+
+rm ca.key ca.crt ca.srl server.crt server.csr client.crt client.csr
--- a/data/tls/server.key
+++ b/data/tls/server.key
@@ -1,28 +1,28 @@
 -----BEGIN PRIVATE KEY-----
-MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDsDxGCVh+PNGcX
-myPZYCHJFKAITUQqqFPvIIabTu/7NhzpgnOJceihZ/rFWQngqovtrNuqoxPDXcW5
-OIiMVRBBJGXs35Axy8j1mfF3NX99QQXhPSdUIuPCHhAOKdOddUDj2b1W0TzBOpV6
-4WCGz2bV8ncxGJpObKOcci8Mp4suFwSdOUAkgHYhR7ZrYmLjBuzR/7GF7ZGaQRM7
-KQIxATNStqbS6buEipdjXdR9C3hd4O4GcZ8KDaK5Xvuiyeksv1qjWnc32RzLZ4Lp
-S+2iPI1gdWMFX9YO/ZzEp14qHvWYM6dForw0q7a3z0uppAgHO4EKVxy+Ag4bC64K
-3787Leh3AgMBAAECggEAcSEHkx8TIN5MSdPf6l1X07Y+u7vL32WsU/2ShPvfptTY
-JlCObmBYzIG4fLufMDyLsuwUmkJtRkO6bnnZdueNUqrO7iZ2RGcVeB6+yhKpdq2i
-078rCfduj6k4qJEDCYMYBhpj0yeTpkcdPDamu/TJo97/oFfaG5uVDXTrd3UUDpGt
-ptaewKwWYeORygbdFXEn5Er2CGRfzRfkcTSOu8OG9sqzdz8JzD1R2ywk3/M577Ez
-ZPsdxGcJbV4yUx9OXFCc/NyDJhVgXGIPAWB5D2SPJ9iNOt171neqqpTs71rN1YqD
-Qgx9Y/22+o4bSKD35pb8kdHbArhtLLpvxQ6RBQCdgQKBgQD/lcfvMIYn4q0GJQPa
-zHqT2cgOC1uwJdbbo3Y9CvQZxtHgA2tM+W308JI0c2POVUzPzcraeUsYtXHMe/pX
-sP4tkrv5OGY/EQptfqH9/+mBW1aUVbK9Z68a+Tx6eu4FMU+XJr0a8Ij6DUIkewx2
-mXnm2tniIHrYfek89vbnaRkE1QKBgQDscSwm5pZaIOtiTsaK/L2qTXvkAXZL/Wp3
-KOeWdVLZKz6MG+UwPqHNJ5BJeb5n4/jm4D5qUue5cxs46/s+k6DjZwFYSZWA3B7q
-F3b9dXtbNbORGob2D955K0Yuov/tROphqBfX57aJFfhN/XUBIXlT86SCThQvtAZu
-eUDz1IvOGwKBgFc4aSOCPrYL0BohtaAMWeRs1K2eSKrjLuCDdw072LOXOvYklJCP
-KmwFUQ+fNTcruuvLgeduryb+fJhY0sTsPMGWqplRGut4yEM3jNaeZ7RiVDiIyleC
-s6oT1gTCQMn62vttF+nCniwfLCxA5a7vjz8t/l8B0Ipi5Z6NdRLhtc0FAoGBALnW
-7iQZQ33NuBUJ48Xkh1LvGfyJJajuoxrLnNNGnfqxobTQTCDSaaxtd1w5A2524fDd
-ulEpnpbFoVTpLg3uTRvPn1/8XjTtTqMiFFV9XJrBJ8VaO0/2Ax/r4nrPhSbB7xMY
-4rzBlFhFW2g5WhisbceNjfUZV4ZzEkcMqP+9RLGXAoGBAJqddcP0fDmGKaEC0THh
-jO81CSrMUBFSEfzv2luQujEhsalt8s1jQGl4Lx7ZUdDRiEX6PwA4lDG4SYm+D6r0
-zzWX/OKEEqbTII/eoiBzv1JlshyvRc/LvbThoLTAF7uxQNlOP0b24MeFMCIeoZNb
-skv1m4NPGW/EJeZAbzjC2Zxu
+MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQC2+8Prf1rhZn5g
+wxg8/kM9k4q4lrDV+TdpMo1mGbmr4qJIOLvLKWpz+e3m1a8YR2yQlLSehuNGlKHv
+Td7yJMuVNuje5sOd5mFpkhM5GXTB5CFcFHiBQLIYIfu3juZhpMdDzMWOJ1sz1VNp
+XdNbdHoaok9uIbynzOXF6A//7wTz6vy7UO2pGQous0PSILCqm7GRaQSPGExiEtgy
+17z0zUoe7vFlJyZXLUIfEezSlxuMNITqJl+DZckmsATxWXw04aUoAAskCJ/RRceY
+yJopsVf32RfzpGpCpuXD3eKTqP36+/iZQ0JkNlJWfBhJZYulpC6UnYigKIsDicAi
+wgtU3xMjAgMBAAECggEAO7mbbi9oa2+3yj+DlszrB5szySIuX/jzNBvy+SNmbgsQ
+KwCRkzNWcrpeA101xHfzoJFZDvE6F5yF6oUBQwnthSuiALdTnCNJIlsyeQ2tBWg/
+1z07Q/zo5GWbMoOrAK32+FNLHCYOZ7G2gwrD5PL0s+LMiEbsu9xuFxWyuze55x77
+mZyrhT5ZeU4oigeLk1ZgRsuXfafkSBQ2N0SMELmSh9AOXMYh+RpriqbVbL65l1Py
+stU2hTrVqKQJSHLnD2rL5ObBlQVzPMv2WNaPDwGmcUCuhSgvIxbJbizdrxAaM/Xp
+zIkC1uK0ksWGpG5EJ2+RtgGLk932miU2df0Gw57M+QKBgQDkDLjSxBPYv3yxgwlN
+N3YPZai5PzXTcWjkj4nKJQWmuCZwFjtU3mA90AVNgb8jDL625iQ8j/NHtC9QIDiN
+B1j0ZMnvwtL6DsaXo67fBpABiodNbFY1pbdrC1qgEtIk00L+Z3JdNXuhEsUoQFab
+csl42sfyR1HJlWgVJYTdHm0gnwKBgQDNaQwCme/Sf8ryxBYKdbJaje9xfGNE3oPX
+2vHmu6eS6tz3uu9sbRqPOnjwy+3bAkvJOCDmsETEQck+P2JnOLakfMMRb/D8aiAU
+JaFlw+UorQWVd0W6mX1ckx9Lsf4x2L8kvwZKWKhK7GW+gHXv1Mq7NlGZ319rqCED
+sOdKqfxq/QKBgHKTjbyfNRV+R8jr/B1mkxNzUQ0ZnBKK9Vd4YpNEfI1iEjXYhaDD
+RXlo7XEekgirG5rLEEO5U1KgTfEk7yS0H1ZS2T50FQn7qH2BiJeXNX0Au7ADkWDM
+zNWkU7j/G8PSvOMS2FvKRj4MLzBk+t6JEn589V5dxNLSFQQi4Jkz80IjAoGATVW5
+YdlXA2d9nzzYF4QMbC938MAmF6228bPK01XfV175ZoOI1MeW8knPcsk0efo5Uj7B
+lFjU6xbhj4AJqlcd3HvkbVI55q6F+U/ZnhjM1C2gJo/LPt++5PW3GKagz1+NR2Zs
+Fd2fLuYlwD1ZKbxxv15KBqakpEGefGdEDUZGdHkCgYAho2JSnNpdtnKeuB1IVdiF
+olhtK3PdXEwnB6ESf8wDbal6/VKg2A318L+JMkRmq5749FomDcpboATwFbPnjGKg
+6x7wY8BOGoG65iS0etUrsG9Vufk5A2RjnXoeTU6d/lhIYCMXxQs2zDwyIgjXW/qN
+anBevyFDCUPXDUVnwBv+ZQ==
 -----END PRIVATE KEY-----
--- a/data/tls/serverCA.crt
+++ b/data/tls/serverCA.crt
@@ -1,46 +1,46 @@
 -----BEGIN CERTIFICATE-----
-MIIDqDCCApACCQDN74icxWmu+zANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMC
+MIIDqDCCApACCQCvyT7v+o9lmDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMC
 REUxEDAOBgNVBAgMB0JhdmFyaWExGDAWBgNVBAcMD0JhZCBSZWljaGVuaGFsbDER
 MA8GA1UECgwISVRzeXNDT00xDTALBgNVBAsMBHJvb3QxEjAQBgNVBAMMCWxvY2Fs
-aG9zdDEjMCEGCSqGSIb3DQEJARYUY29udGFjdEBpdHN5c2NvbS5jb20wHhcNMTgw
-NjA0MTMwNDUzWhcNMTgwNzA0MTMwNDUzWjCBljELMAkGA1UEBhMCREUxEDAOBgNV
+aG9zdDEjMCEGCSqGSIb3DQEJARYUY29udGFjdEBpdHN5c2NvbS5jb20wHhcNMTgx
+MDA4MTMwMDEyWhcNMTgxMTA3MTMwMDEyWjCBljELMAkGA1UEBhMCREUxEDAOBgNV
 BAgMB0JhdmFyaWExGDAWBgNVBAcMD0JhZCBSZWljaGVuaGFsbDERMA8GA1UECgwI
 SVRzeXNDT00xDzANBgNVBAsMBnNlcnZlcjESMBAGA1UEAwwJbG9jYWxob3N0MSMw
 IQYJKoZIhvcNAQkBFhRjb250YWN0QGl0c3lzY29tLmNvbTCCASIwDQYJKoZIhvcN
-AQEBBQADggEPADCCAQoCggEBAOwPEYJWH480ZxebI9lgIckUoAhNRCqoU+8ghptO
-7/s2HOmCc4lx6KFn+sVZCeCqi+2s26qjE8Ndxbk4iIxVEEEkZezfkDHLyPWZ8Xc1
-f31BBeE9J1Qi48IeEA4p0511QOPZvVbRPME6lXrhYIbPZtXydzEYmk5so5xyLwyn
-iy4XBJ05QCSAdiFHtmtiYuMG7NH/sYXtkZpBEzspAjEBM1K2ptLpu4SKl2Nd1H0L
-eF3g7gZxnwoNorle+6LJ6Sy/WqNadzfZHMtngulL7aI8jWB1YwVf1g79nMSnXioe
-9Zgzp0WivDSrtrfPS6mkCAc7gQpXHL4CDhsLrgrfvzst6HcCAwEAATANBgkqhkiG
-9w0BAQsFAAOCAQEAfJzQqYMO5FvbP8StTc7vdX8QR17fgDZ87PgFj6HGsmIPp/Wa
-oYUvmkup48q+3VPyQrrxrFK9Folvd4FEVO56yofbHaAODwPdUmkZTTrIMmexC0jR
-+jfvIaq0NfmDpZGyl08SkwmvK8H4N3oLCSF6z2Uiejrlwep18ntE8LCBkEWh910i
-mhkw3R4a6lbK/lIGlIVlR04cJdUTaJEO+lBTaEE1Kh90i+peDZLkxypAxOj80RSJ
-YuPdHacFtBAm8fgtCUHjWBwcI9lCqOgKQaWw0M/488qp7Uwia3F+6H7rxqGWFpCn
-ZuTVxr6HN2P/bL5M/BUmgCaHrG5hfGYBhLzsQA==
+AQEBBQADggEPADCCAQoCggEBALb7w+t/WuFmfmDDGDz+Qz2TiriWsNX5N2kyjWYZ
+uaviokg4u8spanP57ebVrxhHbJCUtJ6G40aUoe9N3vIky5U26N7mw53mYWmSEzkZ
+dMHkIVwUeIFAshgh+7eO5mGkx0PMxY4nWzPVU2ld01t0ehqiT24hvKfM5cXoD//v
+BPPq/LtQ7akZCi6zQ9IgsKqbsZFpBI8YTGIS2DLXvPTNSh7u8WUnJlctQh8R7NKX
+G4w0hOomX4NlySawBPFZfDThpSgACyQIn9FFx5jImimxV/fZF/OkakKm5cPd4pOo
+/fr7+JlDQmQ2UlZ8GElli6WkLpSdiKAoiwOJwCLCC1TfEyMCAwEAATANBgkqhkiG
+9w0BAQsFAAOCAQEAvwXshLZ8dDI+ncuehXH3v+zUoXn2BN0PAJpvFz7CRGhZq5Ux
+gPpPncvKSJ1OlJC9lJlQcCEDogwZhLGC4VRuoXqQQGp4385Jy9GHVvZ22Xli5fcy
+uc+3EYJa/6wnVGY9oLh7R1ekJiSBDvO7HQaW4DcVywd5tIYZa5WEqAD08To0rug3
+ygP6k7PzoLiHK4LwNXNSKV/0mD6QL6TrcaAilX0Vdv3GGjIW3I01+tGVxtM9vTOT
+JGQWUgfaj3t0x1B3DDYJRYUNN+2tRf8XjX0V7Gvs/Fuwfycrb/RBYVUxBDpSqx+N
+1T3jT4eCz4J1ogGBhaaEBYPapaPqTDCGAuFZEA==
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
-MIID/TCCAuWgAwIBAgIJAPtQI9LtiBDeMA0GCSqGSIb3DQEBCwUAMIGUMQswCQYD
+MIID/TCCAuWgAwIBAgIJAMQWZXxNuEsJMA0GCSqGSIb3DQEBCwUAMIGUMQswCQYD
 VQQGEwJERTEQMA4GA1UECAwHQmF2YXJpYTEYMBYGA1UEBwwPQmFkIFJlaWNoZW5o
 YWxsMREwDwYDVQQKDAhJVHN5c0NPTTENMAsGA1UECwwEcm9vdDESMBAGA1UEAwwJ
 bG9jYWxob3N0MSMwIQYJKoZIhvcNAQkBFhRjb250YWN0QGl0c3lzY29tLmNvbTAe
-Fw0xODA2MDQxMzA0NTNaFw0xODA3MDQxMzA0NTNaMIGUMQswCQYDVQQGEwJERTEQ
+Fw0xODEwMDgxMzAwMTJaFw0xODExMDcxMzAwMTJaMIGUMQswCQYDVQQGEwJERTEQ
 MA4GA1UECAwHQmF2YXJpYTEYMBYGA1UEBwwPQmFkIFJlaWNoZW5oYWxsMREwDwYD
 VQQKDAhJVHN5c0NPTTENMAsGA1UECwwEcm9vdDESMBAGA1UEAwwJbG9jYWxob3N0
 MSMwIQYJKoZIhvcNAQkBFhRjb250YWN0QGl0c3lzY29tLmNvbTCCASIwDQYJKoZI
-hvcNAQEBBQADggEPADCCAQoCggEBAN+V47Xtx0Yn0/pphvK44SII9cjNN5o2pncI
-Dp4c2kyOSfS/LYbU4W4S4u5B7BEvmeQ76C98L9nSy0pCDwFI1HdQ56hY46jNX0I8
-633W+zLqFHWokkNo/HxnCBbdixCsxTLlymrwGwMA5zF9f4cuySi78o6lRyN97RC3
-50hFjAXiTmNe9hgzf2imyag2FFVPhXPiMJyOJea+7AKUYsG+nO/lG992Gw9ShyXH
-FpcN7Avp+wuTgW4BFyUuQ94oiFthCcH1HtxXsPKse+6DEs7uFezL8xfMLeNbirAO
-Iq0ulEQPoF+eGq7Ne04lykdJ41RsWovthNlYifqsrWd/HtYErz8CAwEAAaNQME4w
-HQYDVR0OBBYEFCQBBGNhYiWifVlF8q1XYgXFUdLKMB8GA1UdIwQYMBaAFCQBBGNh
-YiWifVlF8q1XYgXFUdLKMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEB
-AHQRGykgGXU3Mfwi965GJBFx+pmYsEou4o37K/mLRfqCgxkc1NhEjRWtcu0BM4K7
-gPNzZmbvkAgypyb3YByIECQ5ieg3u4vWipq5xW3o/MrCNKIfMOBqDu3/mSiaEwHG
-civUcY4NBfbjnDCziKz0cCwfLeljV/Xqa4WPMf9lITbtNTvCKTTPlYgxycT1skXI
-XjmnJl1jBLsIke/O2TYHlQyaBz3owKrj2DZypy0ZX6UNb1BOddsjy01R0JgL/RDf
-TJLUwRG32prs1mPDe8RbSlM42eZ53cpq0oEOVlxOYJgovn+wC02Dsu/g9UDJ20Uw
-hWYtflU5IkMWOIn+YnKCpcs=
+hvcNAQEBBQADggEPADCCAQoCggEBAN4mozBW5qnEGpPfzcZI5D8WrgQLpJQgY7BQ
+gAuJTsssO2Nm5gX2Aa1/i4XNEykI+DiKPJZrHQsjQJdkCwAIiUdKUZr5bKlGXat7
+2T3btCDywTIdBsSC9QwUz+/kUNVZXeAoY99TuJ+JkhpZReoup/WivDvgXuts0u/R
+cfOna0qVnLWre1lpaMBfzofZ391VILyP+pg/MyLydghAy5e6WKyYJmHCFO6LrGSB
+tdHi20e5xbjZN59Rsp9m4XUmoeAIsjGe63gHhmWGETA6v5EnxqivRCJ3kB+/yOEc
+zgCoKCg98/ihXLbznOW3ijsZdMkfWX/1InNKMUO9vl3UFWnUPF0CAwEAAaNQME4w
+HQYDVR0OBBYEFDoQyjurTy3c58dlHEzF6uYhWNyiMB8GA1UdIwQYMBaAFDoQyjur
+Ty3c58dlHEzF6uYhWNyiMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEB
+AIAwLiwCNiN+Eiw1Od8/lwg6myE06BpFfKr6gX/khyGEXpaQN5NyyWL1xu+M60bZ
+fMM74m15UioBuK6aEM+yNTHWqmRWMn7WBpXtkvTE+jsejS7DLs89s6BQyrgItWEL
+gZEu6wlSe4e1Mt/0xjpmfDHCGyhQnoUCHakrdI+4wZ/6d4zF/SdAaYVa8mBKQGsu
+3n2gKtYc7OdaTOxS3Fj+UKodAPt1zTcUvZh3/dUIH3py3JNhdsAChg/2fLLFVJvb
+5MBEAY/KgrplaA1AxBcw55JIgGnUA1fO5dSo/M4fU2N5wEKBHheeTb4d2ZEojTGP
+K9DecQzJ3Sd26hhsXBML/OQ=
 -----END CERTIFICATE-----
--- a/utils/server.go
+++ b/utils/server.go
@@ -291,7 +291,7 @@ func (r *rpcRequest) Call() io.Reader {
 	return r.rw
 }

-func loadTLSConfig(serverCrt, serverKey string) (config tls.Config, err error) {
+func loadTLSConfig(serverCrt, serverKey string, skipVerify bool) (config tls.Config, err error) {
 	cert, err := tls.LoadX509KeyPair(serverCrt, serverKey)
 	if err != nil {
 		log.Fatalf("Error: %s when load server keys", err)
@@ -306,22 +306,23 @@ func loadTLSConfig(serverCrt, serverKey string) (config tls.Config, err error) {
 	certPool := x509.NewCertPool()
 	certPool.AddCert(ca)
 	config = tls.Config{
-		Certificates: []tls.Certificate{cert},
-		ClientAuth:   tls.RequireAndVerifyClientCert,
-		ClientCAs:    certPool,
+		Certificates:       []tls.Certificate{cert},
+		ClientAuth:         tls.RequireAndVerifyClientCert,
+		ClientCAs:          certPool,
+		InsecureSkipVerify: skipVerify,
 	}
 	config.Rand = rand.Reader
 	return
 }

-func (s *Server) ServeGOBTLS(addr, serverCrt, serverKey string) {
+func (s *Server) ServeGOBTLS(addr, serverCrt, serverKey string, skipVerify bool) {
 	s.RLock()
 	enabled := s.rpcEnabled
 	s.RUnlock()
 	if !enabled {
 		return
 	}
-	config, err := loadTLSConfig(serverCrt, serverKey)
+	config, err := loadTLSConfig(serverCrt, serverKey, skipVerify)
 	if err != nil {
 		return
 	}
@@ -354,14 +355,14 @@ func (s *Server) ServeGOBTLS(addr, serverCrt, serverKey string) {
 	}
 }

-func (s *Server) ServeJSONTLS(addr, serverCrt, serverKey string) {
+func (s *Server) ServeJSONTLS(addr, serverCrt, serverKey string, skipVerify bool) {
 	s.RLock()
 	enabled := s.rpcEnabled
 	s.RUnlock()
 	if !enabled {
 		return
 	}
-	config, err := loadTLSConfig(serverCrt, serverKey)
+	config, err := loadTLSConfig(serverCrt, serverKey, skipVerify)
 	if err != nil {
 		return
 	}
@@ -392,7 +393,7 @@ func (s *Server) ServeJSONTLS(addr, serverCrt, serverKey string) {
 	}
 }

-func (s *Server) ServeHTTPTLS(addr, serverCrt, serverKey string, jsonRPCURL string, wsRPCURL string,
+func (s *Server) ServeHTTPTLS(addr, serverCrt, serverKey string, skipVerify bool, jsonRPCURL string, wsRPCURL string,
 	useBasicAuth bool, userList map[string]string) {
 	s.RLock()
 	enabled := s.rpcEnabled
@@ -434,6 +435,15 @@ func (s *Server) ServeHTTPTLS(addr, serverCrt, serverKey string, jsonRPCURL stri
 	if useBasicAuth {
 		Logger.Info("<HTTPTLS> enabling basic auth")
 	}
+	config, err := loadTLSConfig(serverCrt, serverKey, skipVerify)
+	if err != nil {
+		return
+	}
+	httpSrv := http.Server{
+		Addr:      addr,
+		Handler:   mux,
+		TLSConfig: &config,
+	}
 	Logger.Info(fmt.Sprintf("<HTTPTLS> start listening at <%s>", addr))
-	http.ListenAndServeTLS(addr, serverCrt, serverKey, mux)
+	httpSrv.ListenAndServeTLS(serverCrt, serverKey)
 }