add "tlsverify" option

README.md

@@ -7,9 +7,9 @@ supported TLS connections to the NATS server, which I need.
 Includes:
 
 ```
-nats-pub [-s server] [-tls] [-tlscert CERT_FILE] [-tlskey KEY_FILE] [-tlscacert CA_FILE] <subject> <message>
+nats-pub [-s server] [-tls] [-tlscert CERT_FILE] [-tlskey KEY_FILE] [-tlscacert CA_FILE] [-tlsverify] <subject> <message>
 
-nats-sub [-s server] [-ts] [-tls] [-tlscert CERT_FILE] [-tlskey KEY_FILE] [-tlscacert CA_FILE] <subject>
+nats-sub [-s server] [-ts] [-tls] [-tlscert CERT_FILE] [-tlskey KEY_FILE] [-tlscacert CA_FILE] [-tlsverify] <subject>
 
 ```
 

nats-pub/app.go

@@ -9,7 +9,7 @@ import (
 )
 
 func usage() {
-	log.Fatalf("nats-pub [-s server] [-tls] [-tlscert CERT_FILE] [-tlskey KEY_FILE] [-tlscacert CA_FILE] <subject> <message>")
+	log.Fatalf("nats-pub [-s server] [-tls] [-tlscert CERT_FILE] [-tlskey KEY_FILE] [-tlscacert CA_FILE] [-tlsverify] <subject> <message>")
 }
 
 func main() {
@@ -20,6 +20,7 @@ func main() {
 	var tlsCertPath = flag.String("tlscert", "", "Certificate file")
 	var tlsKeyPath = flag.String("tlskey", "", "Private key file for certificate")
 	var tlsCACertPath = flag.String("tlscacert", "", "Client certificate CA file")
+	var tlsVerify = flag.Bool("tlsverify", true, "Enable TLS connection verification")
 
 	flag.Usage = usage
 	flag.Parse()
@@ -31,7 +32,7 @@ func main() {
 	var subject = flag.Arg(0)
 	var message = flag.Arg(1)
 
-	conn, err := nc.Connect(*url, *tls, *tlsCertPath, *tlsKeyPath, *tlsCACertPath)
+	conn, err := nc.Connect(*url, *tls, *tlsCertPath, *tlsKeyPath, *tlsCACertPath, *tlsVerify)
 	if err != nil {
 		log.Fatalf("Failed to connect to NATS: %s", err)
 	}

nats-sub/app.go

@@ -11,7 +11,7 @@ import (
 )
 
 func usage() {
-	log.Fatalf("nats-sub [-s server] [-ts] [-tls] [-tlscert CERT_FILE] [-tlskey KEY_FILE] [-tlscacert CA_FILE] <subject>")
+	log.Fatalf("nats-sub [-s server] [-ts] [-tls] [-tlscert CERT_FILE] [-tlskey KEY_FILE] [-tlscacert CA_FILE] [-tlsverify] <subject>")
 }
 
 func main() {
@@ -23,6 +23,7 @@ func main() {
 	var tlsCertPath = flag.String("tlscert", "", "Certificate file")
 	var tlsKeyPath = flag.String("tlskey", "", "Private key file for certificate")
 	var tlsCACertPath = flag.String("tlscacert", "", "Client certificate CA file")
+	var tlsVerify = flag.Bool("tlsverify", false, "Enable TLS connection verification")
 
 	flag.Usage = usage
 	flag.Parse()
@@ -38,7 +39,7 @@ func main() {
 		log.SetFlags(log.LstdFlags)
 	}
 
-	conn, err := nc.Connect(*url, *tls, *tlsCertPath, *tlsKeyPath, *tlsCACertPath)
+	conn, err := nc.Connect(*url, *tls, *tlsCertPath, *tlsKeyPath, *tlsCACertPath, *tlsVerify)
 	if err != nil {
 		log.Fatalf("Failed to connect to NATS: %s", err)
 	}

nats.go

@@ -2,11 +2,11 @@ package nats_cli
 
 import (
 	"errors"
-
+	ctls "crypto/tls"
 	"github.com/nats-io/nats"
 )
 
-func Connect(url string, tls bool, certPath string, keyPath string, caCertPath string) (*nats.Conn, error) {
+func Connect(url string, tls bool, certPath string, keyPath string, caCertPath string, verify bool) (*nats.Conn, error) {
 	if tls {
 		if len(certPath) == 0 {
 			return nil, errors.New("tlscert not set")
@@ -19,10 +19,19 @@ func Connect(url string, tls bool, certPath string, keyPath string, caCertPath s
 		var conn *nats.Conn
 		var err error
 
-		if len(caCertPath) > 0 {
+		tlsverify := func(o *nats.Options) error {
-			conn, err = nats.Connect(url, nats.RootCAs(caCertPath), cert)
+			if o.TLSConfig == nil {
+				o.TLSConfig.InsecureSkipVerify = !verify
 			} else {
-			conn, err = nats.Connect(url, cert)
+				o.TLSConfig = &ctls.Config{InsecureSkipVerify: !verify}
+			}
+			return nil
+		}
+
+		if len(caCertPath) > 0 {
+			conn, err = nats.Connect(url, nats.RootCAs(caCertPath), cert, tlsverify)
+		} else {
+			conn, err = nats.Connect(url, cert, tlsverify)
 		}
 
 		if err != nil {