Golang : Disable security check for HTTPS(SSL) with bad or expired certificate

There are times when a webmaster failed to renew the certificates from SSL connection in time or some other reason for the SSL certificates to expire. A friend of mine has a Golang program that will download data from an external website. However, the program failed recently because of the external website's expired SSL certificates.

This tutorial is a note from helping a friend today to create a custom HTTP transport client in Golang. It is to handle data retrieval for web server with expired SSL certificates by skipping security check. Basically, just a custom HTTP transport client disabled security check.

Hope you may find it useful when you encounter the similar situation in future.

Here you go!

 package main

 import (
 "crypto/tls"
 "fmt"
 "io/ioutil"
 "net/http"
 "os"
 )

 func main() {
 transCfg := &http.Transport{
 TLSClientConfig: &tls.Config{InsecureSkipVerify: true}, // ignore expired SSL certificates
 }
 client := &http.Client{Transport: transCfg}

 response, err := client.Get("https://socketloop.com/")

 if err != nil {
 fmt.Println(err)
 os.Exit(1)
 }

 defer response.Body.Close()

 htmlData, err := ioutil.ReadAll(response.Body)

 if err != nil {
 fmt.Println(err)
 os.Exit(1)
 }

 fmt.Println(os.Stdout, string(htmlData))

 }

NOTE : In a production system, it would be wise to use InsecureSkipVerify : true parameter if the normal/secure method failed. Use it as a fallback method rather than the "normal" method. Remember to send a notification, log message or email to the system administrator if the fallback method is activated.