Alibaba Cloud SDK for Go verifies SSL/TLS certificates on HTTPS requests by default. The HTTPSInsecure parameter controls this behavior.
Default behavior
HTTPSInsecure defaults to false, which means SSL/TLS certificate verification is enabled. The SDK validates server certificates against the certificate authority (CA) certificates provided by the operating system (OS).
Configuration scopes
HTTPSInsecure can be set at two levels: per request or per client. A request-level setting overrides the client-level setting.
Request-level configuration
A request-level setting applies only to that request.
request.SetHTTPSInsecure(true) // Disable SSL/TLS certificate verification for this request.
isInsecure := request.GetHTTPSInsecure() // Get the current setting for this request.
Client-level configuration
A client-level setting applies to all requests sent through that client. If a request has no HTTPSInsecure setting, the client-level setting takes effect.
client.SetHTTPSInsecure(true) // Disable SSL/TLS certificate verification for all requests from this client.
isInsecure := client.GetHTTPSInsecure() // Get the current setting for this client.
Security considerations
Setting HTTPSInsecure to true disables SSL/TLS certificate verification. This exposes requests to man-in-the-middle attacks. Keep SSL/TLS certificate verification enabled.
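The following is an added example, not code from the Alibaba Cloud SDK. It uses only the Go standard library and a constructed local test server whose certificate is not in the OS CA store, and it compares default verification, verification disabled, and verification kept on with the test CA explicitly trusted. It assumes HTTPSInsecure corresponds to the InsecureSkipVerify field of crypto/tls; the function names get and results are illustrative.

```go
package main

import (
	"crypto/tls"
	"crypto/x509"
	"fmt"
	"net/http"
	"net/http/httptest"
)

// get sends one HTTPS request using the given TLS settings and returns any error.
func get(url string, cfg *tls.Config) error {
	tr := &http.Transport{TLSClientConfig: cfg, DisableKeepAlives: true}
	resp, err := (&http.Client{Transport: tr}).Get(url)
	if err != nil {
		return err
	}
	return resp.Body.Close()
}

// results starts a local HTTPS server with a self-signed test certificate
// (constructed input) and returns the outcome of three client configurations:
// default verification, verification disabled, and the test CA explicitly trusted.
func results() (defaultErr, insecureErr, trustedErr error) {
	srv := httptest.NewTLSServer(http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) {
		fmt.Fprint(w, "ok")
	}))
	defer srv.Close()

	// Trust only the test server's certificate instead of turning verification off.
	pool := x509.NewCertPool()
	pool.AddCert(srv.Certificate())

	defaultErr = get(srv.URL, &tls.Config{})                          // verification on, OS CA store
	insecureErr = get(srv.URL, &tls.Config{InsecureSkipVerify: true}) // accepts any certificate
	trustedErr = get(srv.URL, &tls.Config{RootCAs: pool})             // verification on, explicit CA
	return
}

func main() {
	d, i, t := results()
	fmt.Println("default verification:  ", d)
	fmt.Println("verification disabled: ", i)
	fmt.Println("explicitly trusted CA: ", t)
}
```

With verification disabled the client accepts the untrusted certificate without any error, so an interposed endpoint would be indistinguishable from the real one; trusting the specific CA removes the error while keeping verification on.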