diff --git a/.travis.yml b/.travis.yml
index f439382..7cc2db0 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -14,7 +14,6 @@ go: 1.8.1
 install: true
 script:
 - make test
-- echo "TRAVIS_PULL_REQUEST: ${TRAVIS_PULL_REQUEST}"
 - if ([[ ${TRAVIS_BRANCH} == "master" ]] && [[ ${TRAVIS_PULL_REQUEST} == "false" ]]) || [[ -n ${TRAVIS_TAG} ]]; then
 GOOS=linux GOARCH=amd64 CGO_ENABLED=0 go build -ldflags "-X main.gitsha=${TRAVIS_TAG:-git+${TRAVIS_COMMIT}}" -o bin/vault-sidekick_linux_amd64;
 GOOS=darwin GOARCH=amd64 CGO_ENABLED=0 go build -ldflags "-X main.gitsha=${TRAVIS_TAG:-git+${TRAVIS_COMMIT}}" -o bin/vault-sidekick_darwin_amd64;
diff --git a/config.go b/config.go
index a2352ae..faf73fb 100644
--- a/config.go
+++ b/config.go
@@ -37,7 +37,7 @@ type config struct {
 // switch on dry run
 dryRun bool
 // skip tls verify
- tlsVerify bool
+ skipTLSVerify bool
 // the resource items to retrieve
 resources *VaultResources
 // the interval for producing statistics
@@ -61,7 +61,7 @@ func init() {
 flag.StringVar(&options.vaultAuthFile, "auth", "", "a configuration file in json or yaml containing authentication arguments")
 flag.StringVar(&options.outputDir, "output", getEnv("VAULT_OUTPUT", "/etc/secrets"), "the full path to write resources or VAULT_OUTPUT")
 flag.BoolVar(&options.dryRun, "dryrun", false, "perform a dry run, printing the content to screen")
- flag.BoolVar(&options.tlsVerify, "tls-skip-verify", false, "whether to check and verify the vault service certificate")
+ flag.BoolVar(&options.skipTLSVerify, "tls-skip-verify", false, "whether to check and verify the vault service certificate")
 flag.StringVar(&options.vaultCaFile, "ca-cert", "", "the path to the file container the CA used to verify the vault service")
 flag.DurationVar(&options.statsInterval, "stats", time.Duration(1)*time.Hour, "the interval to produce statistics on the accessed resources")
 flag.DurationVar(&options.execTimeout, "exec-timeout", time.Duration(60)*time.Second, "the timeout applied to commands on the exec option")
@@ -99,7 +99,7 @@ func validateOptions(cfg *config) (err error) {
 }
 }
 
- if cfg.tlsVerify == true && cfg.vaultCaFile != "" {
+ if cfg.skipTLSVerify == true && cfg.vaultCaFile != "" {
 return fmt.Errorf("you are skipping the tls but supplying a CA, doesn't make sense")
 }
 
diff --git a/vault.go b/vault.go
index 85973d2..ba688af 100644
--- a/vault.go
+++ b/vault.go
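Review bot: The help text on the renamed `tls-skip-verify` flag still says "whether to check and verify the vault service certificate", which reads as if `true` turns verification on, while the new field name and its wiring into `InsecureSkipVerify` in vault.go mean `true` turns verification off; an operator reading `--help` can enable the insecure mode believing they are hardening the connection. Suggest `flag.BoolVar(&options.skipTLSVerify, "tls-skip-verify", false, "skip verification of the vault service certificate (insecure, for testing only)")`. The `init()` this line belongs to starts and ends outside the hunk.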
@@ -457,23 +457,22 @@ func buildHTTPTransport(opts *config) (*http.Transport, error) {
 KeepAlive: 10 * time.Second,
 }).Dial,
 TLSHandshakeTimeout: 10 * time.Second,
+ TLSClientConfig: &tls.Config{
+ InsecureSkipVerify: opts.skipTLSVerify,
+ },
 }
- // step: are we skip the tls verify?
- if options.tlsVerify {
- transport.TLSClientConfig = &tls.Config{
- InsecureSkipVerify: true,
- }
+ if opts.skipTLSVerify {
+ glog.Warning("skipping TLS verification is not recommended")
 }
 // step: are we loading a CA file
 if opts.vaultCaFile != "" {
- // step: load the ca file
+ glog.V(3).Infof("loading the ca certificate: %s", opts.vaultCaFile)
 caCert, err := ioutil.ReadFile(opts.vaultCaFile)
 if err != nil {
 return nil, fmt.Errorf("unable to read in the ca: %s, reason: %s", opts.vaultCaFile, err)
 }
 caCertPool := x509.NewCertPool()
 caCertPool.AppendCertsFromPEM(caCert)
- // step: add the ca to the root
 transport.TLSClientConfig.RootCAs = caCertPool
 }
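Review bot: `caCertPool.AppendCertsFromPEM(caCert)` near the end of the hunk discards its result, so a `-ca-cert` file that exists but holds no parseable PEM certificate (wrong file, DER-encoded, truncated mount) produces an empty pool assigned to `RootCAs`, and every later handshake fails with a generic x509 error that never points at the bad CA file. Check the return value: `if !caCertPool.AppendCertsFromPEM(caCert) {` / `return nil, fmt.Errorf("no valid PEM certificates found in the ca file: %s", opts.vaultCaFile)` / `}`. Since the `tls.Config` literal is being introduced here anyway, adding `MinVersion: tls.VersionTLS12` to it would also keep the client from negotiating TLS 1.0/1.1 with a misconfigured endpoint. `buildHTTPTransport` begins before the hunk (the `net.Dialer` literal) and its return lies after it.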