diff --git a/README.md b/README.md index 40a925f..cc2f209 100644 --- a/README.md +++ b/README.md @@ -162,7 +162,8 @@ You can populate below template according to your requirements and use it as you # Setting this variable to `true` will disable verification of # SSL certificates. You shouldn't use this unless you use self-signed -# certificates for your remote storage backend. +# certificates for your remote storage backend. This can only be used +# when AWS_ENDPOINT_PROTO is set to `https`. # AWS_ENDPOINT_INSECURE="true" diff --git a/cmd/backup/main.go b/cmd/backup/main.go index 12ff91e..f5f4f3c 100644 --- a/cmd/backup/main.go +++ b/cmd/backup/main.go @@ -159,21 +159,23 @@ func newScript() (*script, error) { } else { return nil, errors.New("newScript: AWS_S3_BUCKET_NAME is defined, but no credentials were provided") } + options := minio.Options{ Creds: creds, Secure: s.c.AwsEndpointProto == "https", } + if s.c.AwsEndpointInsecure { - if options.Secure { - transport, err := minio.DefaultTransport(options.Secure) - if err != nil { - return nil, fmt.Errorf("newScript: failed to create default minio transport") - } - transport.TLSClientConfig.InsecureSkipVerify = true - options.Transport = transport - } else { + if !options.Secure { return nil, errors.New("newScript: AWS_ENDPOINT_INSECURE = true is only meaningful for https") } + + transport, err := minio.DefaultTransport(true) + if err != nil { + return nil, fmt.Errorf("newScript: failed to create default minio transport") + } + transport.TLSClientConfig.InsecureSkipVerify = true + options.Transport = transport } mc, err := minio.New(s.c.AwsEndpoint, &options)