Golang : Disable security check for HTTPS(SSL) with bad or expired certificate

There are times when a webmaster failed to renew the certificates from SSL connection in time or some other reason for the SSL certificates to expire. A friend of mine has a Golang program that will download data from an external website. However, the program failed recently because of the external website's expired SSL certificates.

This tutorial is a note from helping a friend today to create a custom HTTP transport client in Golang. It is to handle data retrieval for web server with expired SSL certificates by skipping security check. Basically, just a custom HTTP transport client disabled security check.

Hope you may find it useful when you encounter the similar situation in future.

Here you go!

 package main

 import (

 func main() {
 transCfg := &http.Transport{
 TLSClientConfig: &tls.Config{InsecureSkipVerify: true}, // ignore expired SSL certificates
 client := &http.Client{Transport: transCfg}

 response, err := client.Get("https://socketloop.com/")

 if err != nil {

 defer response.Body.Close()

 htmlData, err := ioutil.ReadAll(response.Body)

 if err != nil {

 fmt.Println(os.Stdout, string(htmlData))


NOTE : In a production system, it would be wise to use InsecureSkipVerify : true parameter if the normal/secure method failed. Use it as a fallback method rather than the "normal" method. Remember to send a notification, log message or email to the system administrator if the fallback method is activated.

By Adam Ng

IF you gain some knowledge or the information here solved your programming problem. Please consider donating to the less fortunate or some charities that you like. Apart from donation, planting trees, volunteering or reducing your carbon footprint will be great too.