Default to secure

I suspect that many people will need InsecureSkipVerify:true though, but that should be an explicit decision to expose security issues instead of papering over them.
2016-11-16 10:35:35 -08:00 · 2016-11-16 10:35:35 -08:00 · df2009821f
parent 4aa583b6f8
commit df2009821f
1 changed files with 1 additions and 1 deletions
--- a/options.go
+++ b/options.go
@ -154,7 +154,7 @@ func ParseURL(redisURL string) (*Options, error) {
 	}

 	if u.Scheme == "rediss" {
-		o.TLSConfig = &tls.Config{InsecureSkipVerify: true}
+		o.TLSConfig = &tls.Config{ServerName: h}
 	}
 	return o, nil
 }