Check for https scheme before using inscure tls

Signed-off-by: Tamal Saha <[email protected]>
kmodules · Jul 11, 2024 · 9244361 · 9244361
1 parent 5eb4986
commit 9244361
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/pkg/identity/b3.go b/pkg/identity/b3.go
@@ -60,7 +60,7 @@ func NewClient(baseURL, token string, caCert []byte, kc client.Reader) (*Client,
 			return nil, err
 		}
 		// use InsecureSkipVerify, if IP address is used for baseURL host
-		if ip := net.ParseIP(u.Hostname()); ip != nil {
+		if ip := net.ParseIP(u.Hostname()); ip != nil && u.Scheme == "https" {
 			customTransport := http.DefaultTransport.(*http.Transport).Clone()
 			customTransport.TLSClientConfig = &tls.Config{InsecureSkipVerify: true}
 			c.client = &http.Client{Transport: customTransport}