diff options
| -rw-r--r-- | modules/caddyhttp/reverseproxy/command.go | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/modules/caddyhttp/reverseproxy/command.go b/modules/caddyhttp/reverseproxy/command.go index 31a591c..6de052e 100644 --- a/modules/caddyhttp/reverseproxy/command.go +++ b/modules/caddyhttp/reverseproxy/command.go @@ -59,6 +59,7 @@ default, all incoming headers are passed through unmodified.) fs.String("from", "localhost", "Address on which to receive traffic") fs.String("to", "", "Upstream address to which to to proxy traffic") fs.Bool("change-host-header", false, "Set upstream Host header to address of upstream") + fs.Bool("insecure", false, "Disable TLS verification (WARNING: DISABLES SECURITY, WHY ARE YOU EVEN USING TLS?)") return fs }(), }) @@ -68,6 +69,7 @@ func cmdReverseProxy(fs caddycmd.Flags) (int, error) { from := fs.String("from") to := fs.String("to") changeHost := fs.Bool("change-host-header") + insecure := fs.Bool("insecure") httpPort := strconv.Itoa(caddyhttp.DefaultHTTPPort) httpsPort := strconv.Itoa(caddyhttp.DefaultHTTPSPort) @@ -127,6 +129,9 @@ func cmdReverseProxy(fs caddycmd.Flags) (int, error) { ht := HTTPTransport{} if toAddr.Scheme == "https" { ht.TLS = new(TLSConfig) + if insecure { + ht.TLS.InsecureSkipVerify = true + } } handler := Handler{ |