From 2f5a452aabf277edf92e691df81fefaead93e5cd Mon Sep 17 00:00:00 2001
From: Edbert Linardi <edbert.linardi@snowflake.com>
Date: Tue, 17 Oct 2023 21:30:41 -0700
Subject: [PATCH] add an option to skip tls verification

---
 services/httpoverrpc/client/client.go      |   5 +
 services/httpoverrpc/client/utils.go       |  38 ++++-
 services/httpoverrpc/httpoverrpc.pb.go     | 189 +++++++++++++++------
 services/httpoverrpc/httpoverrpc.proto     |   6 +
 services/httpoverrpc/server/server.go      |  16 +-
 services/httpoverrpc/server/server_test.go |   2 +-
 6 files changed, 190 insertions(+), 66 deletions(-)

diff --git a/services/httpoverrpc/client/client.go b/services/httpoverrpc/client/client.go
index 73bb1732..a182586b 100644
--- a/services/httpoverrpc/client/client.go
+++ b/services/httpoverrpc/client/client.go
@@ -201,6 +201,7 @@ type getCmd struct {
 	showResponseHeaders bool
 	protocol            string
 	hostname            string
+	insecureSkipVerify  bool
 }
 
 func (*getCmd) Name() string     { return "get" }
@@ -226,6 +227,7 @@ func (g *getCmd) SetFlags(f *flag.FlagSet) {
 	f.Var(&g.headers, "header", "Header to send in the request, may be specified multiple times.")
 	f.StringVar(&g.body, "body", "", "Body to send in request")
 	f.BoolVar(&g.showResponseHeaders, "show-response-headers", false, "If true, print response code and headers")
+	f.BoolVar(&g.insecureSkipVerify, "insecure-skip-tls-verify", false, "If true, skip TLS cert verification")
 }
 
 func (g *getCmd) Execute(ctx context.Context, f *flag.FlagSet, args ...interface{}) subcommands.ExitStatus {
@@ -266,6 +268,9 @@ func (g *getCmd) Execute(ctx context.Context, f *flag.FlagSet, args ...interface
 		Port:     int32(port),
 		Protocol: g.protocol,
 		Hostname: g.hostname,
+		Tlsconfig: &pb.TLSConfig{
+			InsecureSkipVerify: g.insecureSkipVerify,
+		},
 	}
 
 	resp, err := proxy.HostOneMany(ctx, req)
diff --git a/services/httpoverrpc/client/utils.go b/services/httpoverrpc/client/utils.go
index db34e80c..f6f81023 100644
--- a/services/httpoverrpc/client/utils.go
+++ b/services/httpoverrpc/client/utils.go
@@ -39,12 +39,41 @@ var (
 )
 
 type HTTPTransporter struct {
-	conn *proxy.Conn
+	conn               *proxy.Conn
+	insecureSkipVerify bool
 }
 
-func NewHTTPTransporter(conn *proxy.Conn) *HTTPTransporter {
+type httpTransporterOptions struct {
+	insecureSkipVerify bool
+}
+
+type Option interface {
+	apply(*httpTransporterOptions)
+}
+
+type optionFunc func(*httpTransporterOptions)
+
+func (o optionFunc) apply(opts *httpTransporterOptions) {
+	o(opts)
+}
+
+func WithInsecureSkipVerify(insecureSkipVerify bool) Option {
+	return optionFunc(func(o *httpTransporterOptions) {
+		o.insecureSkipVerify = insecureSkipVerify
+	})
+}
+
+func NewHTTPTransporter(conn *proxy.Conn, opts ...Option) *HTTPTransporter {
+	options := &httpTransporterOptions{
+		insecureSkipVerify: false,
+	}
+
+	for _, opt := range opts {
+		opt.apply(options)
+	}
 	return &HTTPTransporter{
-		conn,
+		conn:               conn,
+		insecureSkipVerify: options.insecureSkipVerify,
 	}
 }
 
@@ -132,6 +161,9 @@ func (c *HTTPTransporter) RoundTrip(req *http.Request) (*http.Response, error) {
 		},
 		Protocol: req.URL.Scheme,
 		Hostname: req.URL.Hostname(),
+		Tlsconfig: &pb.TLSConfig{
+			InsecureSkipVerify: c.insecureSkipVerify,
+		},
 	}
 
 	port, errPort := getPort(req, reqPb.Protocol)
diff --git a/services/httpoverrpc/httpoverrpc.pb.go b/services/httpoverrpc/httpoverrpc.pb.go
index d9d83498..b221f776 100644
--- a/services/httpoverrpc/httpoverrpc.pb.go
+++ b/services/httpoverrpc/httpoverrpc.pb.go
@@ -48,6 +48,8 @@ type HostHTTPRequest struct {
 	Hostname string `protobuf:"bytes,3,opt,name=hostname,proto3" json:"hostname,omitempty"`
 	// Protocols for communication like http and https
 	Protocol string `protobuf:"bytes,4,opt,name=protocol,proto3" json:"protocol,omitempty"`
+	// TLS Config for the request
+	Tlsconfig *TLSConfig `protobuf:"bytes,5,opt,name=tlsconfig,proto3" json:"tlsconfig,omitempty"`
 }
 
 func (x *HostHTTPRequest) Reset() {
@@ -110,6 +112,60 @@ func (x *HostHTTPRequest) GetProtocol() string {
 	return ""
 }
 
+func (x *HostHTTPRequest) GetTlsconfig() *TLSConfig {
+	if x != nil {
+		return x.Tlsconfig
+	}
+	return nil
+}
+
+type TLSConfig struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	InsecureSkipVerify bool `protobuf:"varint,1,opt,name=insecureSkipVerify,proto3" json:"insecureSkipVerify,omitempty"`
+}
+
+func (x *TLSConfig) Reset() {
+	*x = TLSConfig{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_httpoverrpc_proto_msgTypes[1]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *TLSConfig) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*TLSConfig) ProtoMessage() {}
+
+func (x *TLSConfig) ProtoReflect() protoreflect.Message {
+	mi := &file_httpoverrpc_proto_msgTypes[1]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use TLSConfig.ProtoReflect.Descriptor instead.
+func (*TLSConfig) Descriptor() ([]byte, []int) {
+	return file_httpoverrpc_proto_rawDescGZIP(), []int{1}
+}
+
+func (x *TLSConfig) GetInsecureSkipVerify() bool {
+	if x != nil {
+		return x.InsecureSkipVerify
+	}
+	return false
+}
+
 type Header struct {
 	state         protoimpl.MessageState
 	sizeCache     protoimpl.SizeCache
@@ -122,7 +178,7 @@ type Header struct {
 func (x *Header) Reset() {
 	*x = Header{}
 	if protoimpl.UnsafeEnabled {
-		mi := &file_httpoverrpc_proto_msgTypes[1]
+		mi := &file_httpoverrpc_proto_msgTypes[2]
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		ms.StoreMessageInfo(mi)
 	}
@@ -135,7 +191,7 @@ func (x *Header) String() string {
 func (*Header) ProtoMessage() {}
 
 func (x *Header) ProtoReflect() protoreflect.Message {
-	mi := &file_httpoverrpc_proto_msgTypes[1]
+	mi := &file_httpoverrpc_proto_msgTypes[2]
 	if protoimpl.UnsafeEnabled && x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		if ms.LoadMessageInfo() == nil {
@@ -148,7 +204,7 @@ func (x *Header) ProtoReflect() protoreflect.Message {
 
 // Deprecated: Use Header.ProtoReflect.Descriptor instead.
 func (*Header) Descriptor() ([]byte, []int) {
-	return file_httpoverrpc_proto_rawDescGZIP(), []int{1}
+	return file_httpoverrpc_proto_rawDescGZIP(), []int{2}
 }
 
 func (x *Header) GetKey() string {
@@ -180,7 +236,7 @@ type HTTPRequest struct {
 func (x *HTTPRequest) Reset() {
 	*x = HTTPRequest{}
 	if protoimpl.UnsafeEnabled {
-		mi := &file_httpoverrpc_proto_msgTypes[2]
+		mi := &file_httpoverrpc_proto_msgTypes[3]
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		ms.StoreMessageInfo(mi)
 	}
@@ -193,7 +249,7 @@ func (x *HTTPRequest) String() string {
 func (*HTTPRequest) ProtoMessage() {}
 
 func (x *HTTPRequest) ProtoReflect() protoreflect.Message {
-	mi := &file_httpoverrpc_proto_msgTypes[2]
+	mi := &file_httpoverrpc_proto_msgTypes[3]
 	if protoimpl.UnsafeEnabled && x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		if ms.LoadMessageInfo() == nil {
@@ -206,7 +262,7 @@ func (x *HTTPRequest) ProtoReflect() protoreflect.Message {
 
 // Deprecated: Use HTTPRequest.ProtoReflect.Descriptor instead.
 func (*HTTPRequest) Descriptor() ([]byte, []int) {
-	return file_httpoverrpc_proto_rawDescGZIP(), []int{2}
+	return file_httpoverrpc_proto_rawDescGZIP(), []int{3}
 }
 
 func (x *HTTPRequest) GetMethod() string {
@@ -251,7 +307,7 @@ type HTTPReply struct {
 func (x *HTTPReply) Reset() {
 	*x = HTTPReply{}
 	if protoimpl.UnsafeEnabled {
-		mi := &file_httpoverrpc_proto_msgTypes[3]
+		mi := &file_httpoverrpc_proto_msgTypes[4]
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		ms.StoreMessageInfo(mi)
 	}
@@ -264,7 +320,7 @@ func (x *HTTPReply) String() string {
 func (*HTTPReply) ProtoMessage() {}
 
 func (x *HTTPReply) ProtoReflect() protoreflect.Message {
-	mi := &file_httpoverrpc_proto_msgTypes[3]
+	mi := &file_httpoverrpc_proto_msgTypes[4]
 	if protoimpl.UnsafeEnabled && x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		if ms.LoadMessageInfo() == nil {
@@ -277,7 +333,7 @@ func (x *HTTPReply) ProtoReflect() protoreflect.Message {
 
 // Deprecated: Use HTTPReply.ProtoReflect.Descriptor instead.
 func (*HTTPReply) Descriptor() ([]byte, []int) {
-	return file_httpoverrpc_proto_rawDescGZIP(), []int{3}
+	return file_httpoverrpc_proto_rawDescGZIP(), []int{4}
 }
 
 func (x *HTTPReply) GetStatusCode() int32 {
@@ -308,7 +364,7 @@ var file_httpoverrpc_proto_rawDesc = []byte{
 	0x6f, 0x74, 0x6f, 0x12, 0x0b, 0x48, 0x54, 0x54, 0x50, 0x4f, 0x76, 0x65, 0x72, 0x52, 0x50, 0x43,
 	0x1a, 0x20, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75,
 	0x66, 0x2f, 0x64, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x2e, 0x70, 0x72, 0x6f,
-	0x74, 0x6f, 0x22, 0x91, 0x01, 0x0a, 0x0f, 0x48, 0x6f, 0x73, 0x74, 0x48, 0x54, 0x54, 0x50, 0x52,
+	0x74, 0x6f, 0x22, 0xc7, 0x01, 0x0a, 0x0f, 0x48, 0x6f, 0x73, 0x74, 0x48, 0x54, 0x54, 0x50, 0x52,
 	0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x32, 0x0a, 0x07, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73,
 	0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x18, 0x2e, 0x48, 0x54, 0x54, 0x50, 0x4f, 0x76,
 	0x65, 0x72, 0x52, 0x50, 0x43, 0x2e, 0x48, 0x54, 0x54, 0x50, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73,
@@ -317,35 +373,42 @@ var file_httpoverrpc_proto_rawDesc = []byte{
 	0x0a, 0x08, 0x68, 0x6f, 0x73, 0x74, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09,
 	0x52, 0x08, 0x68, 0x6f, 0x73, 0x74, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x1a, 0x0a, 0x08, 0x70, 0x72,
 	0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x70, 0x72,
-	0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x22, 0x37, 0x0a, 0x06, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72,
-	0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x6b,
-	0x65, 0x79, 0x12, 0x1b, 0x0a, 0x06, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x73, 0x18, 0x02, 0x20, 0x03,
-	0x28, 0x09, 0x42, 0x03, 0x80, 0x01, 0x01, 0x52, 0x06, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x73, 0x22,
-	0x89, 0x01, 0x0a, 0x0b, 0x48, 0x54, 0x54, 0x50, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12,
-	0x16, 0x0a, 0x06, 0x6d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52,
-	0x06, 0x6d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x12, 0x1f, 0x0a, 0x0b, 0x72, 0x65, 0x71, 0x75, 0x65,
-	0x73, 0x74, 0x5f, 0x75, 0x72, 0x69, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0a, 0x72, 0x65,
-	0x71, 0x75, 0x65, 0x73, 0x74, 0x55, 0x72, 0x69, 0x12, 0x2d, 0x0a, 0x07, 0x68, 0x65, 0x61, 0x64,
-	0x65, 0x72, 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x13, 0x2e, 0x48, 0x54, 0x54, 0x50,
-	0x4f, 0x76, 0x65, 0x72, 0x52, 0x50, 0x43, 0x2e, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x52, 0x07,
-	0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x12, 0x12, 0x0a, 0x04, 0x62, 0x6f, 0x64, 0x79, 0x18,
-	0x04, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x04, 0x62, 0x6f, 0x64, 0x79, 0x22, 0x6f, 0x0a, 0x09, 0x48,
-	0x54, 0x54, 0x50, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x12, 0x1f, 0x0a, 0x0b, 0x73, 0x74, 0x61, 0x74,
-	0x75, 0x73, 0x5f, 0x63, 0x6f, 0x64, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x05, 0x52, 0x0a, 0x73,
-	0x74, 0x61, 0x74, 0x75, 0x73, 0x43, 0x6f, 0x64, 0x65, 0x12, 0x2d, 0x0a, 0x07, 0x68, 0x65, 0x61,
-	0x64, 0x65, 0x72, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x13, 0x2e, 0x48, 0x54, 0x54,
-	0x50, 0x4f, 0x76, 0x65, 0x72, 0x52, 0x50, 0x43, 0x2e, 0x48, 0x65, 0x61, 0x64, 0x65, 0x72, 0x52,
-	0x07, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x12, 0x12, 0x0a, 0x04, 0x62, 0x6f, 0x64, 0x79,
-	0x18, 0x03, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x04, 0x62, 0x6f, 0x64, 0x79, 0x32, 0x4d, 0x0a, 0x0b,
-	0x48, 0x54, 0x54, 0x50, 0x4f, 0x76, 0x65, 0x72, 0x52, 0x50, 0x43, 0x12, 0x3e, 0x0a, 0x04, 0x48,
-	0x6f, 0x73, 0x74, 0x12, 0x1c, 0x2e, 0x48, 0x54, 0x54, 0x50, 0x4f, 0x76, 0x65, 0x72, 0x52, 0x50,
-	0x43, 0x2e, 0x48, 0x6f, 0x73, 0x74, 0x48, 0x54, 0x54, 0x50, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73,
-	0x74, 0x1a, 0x16, 0x2e, 0x48, 0x54, 0x54, 0x50, 0x4f, 0x76, 0x65, 0x72, 0x52, 0x50, 0x43, 0x2e,
-	0x48, 0x54, 0x54, 0x50, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x22, 0x00, 0x42, 0x31, 0x5a, 0x2f, 0x67,
-	0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x53, 0x6e, 0x6f, 0x77, 0x66, 0x6c,
-	0x61, 0x6b, 0x65, 0x2d, 0x4c, 0x61, 0x62, 0x73, 0x2f, 0x73, 0x61, 0x6e, 0x73, 0x73, 0x68, 0x65,
-	0x6c, 0x6c, 0x2f, 0x68, 0x74, 0x74, 0x70, 0x6f, 0x76, 0x65, 0x72, 0x72, 0x70, 0x63, 0x62, 0x06,
-	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+	0x6f, 0x74, 0x6f, 0x63, 0x6f, 0x6c, 0x12, 0x34, 0x0a, 0x09, 0x74, 0x6c, 0x73, 0x63, 0x6f, 0x6e,
+	0x66, 0x69, 0x67, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x16, 0x2e, 0x48, 0x54, 0x54, 0x50,
+	0x4f, 0x76, 0x65, 0x72, 0x52, 0x50, 0x43, 0x2e, 0x54, 0x4c, 0x53, 0x43, 0x6f, 0x6e, 0x66, 0x69,
+	0x67, 0x52, 0x09, 0x74, 0x6c, 0x73, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x22, 0x3b, 0x0a, 0x09,
+	0x54, 0x4c, 0x53, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x2e, 0x0a, 0x12, 0x69, 0x6e, 0x73,
+	0x65, 0x63, 0x75, 0x72, 0x65, 0x53, 0x6b, 0x69, 0x70, 0x56, 0x65, 0x72, 0x69, 0x66, 0x79, 0x18,
+	0x01, 0x20, 0x01, 0x28, 0x08, 0x52, 0x12, 0x69, 0x6e, 0x73, 0x65, 0x63, 0x75, 0x72, 0x65, 0x53,
+	0x6b, 0x69, 0x70, 0x56, 0x65, 0x72, 0x69, 0x66, 0x79, 0x22, 0x37, 0x0a, 0x06, 0x48, 0x65, 0x61,
+	0x64, 0x65, 0x72, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09,
+	0x52, 0x03, 0x6b, 0x65, 0x79, 0x12, 0x1b, 0x0a, 0x06, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x73, 0x18,
+	0x02, 0x20, 0x03, 0x28, 0x09, 0x42, 0x03, 0x80, 0x01, 0x01, 0x52, 0x06, 0x76, 0x61, 0x6c, 0x75,
+	0x65, 0x73, 0x22, 0x89, 0x01, 0x0a, 0x0b, 0x48, 0x54, 0x54, 0x50, 0x52, 0x65, 0x71, 0x75, 0x65,
+	0x73, 0x74, 0x12, 0x16, 0x0a, 0x06, 0x6d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x18, 0x01, 0x20, 0x01,
+	0x28, 0x09, 0x52, 0x06, 0x6d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x12, 0x1f, 0x0a, 0x0b, 0x72, 0x65,
+	0x71, 0x75, 0x65, 0x73, 0x74, 0x5f, 0x75, 0x72, 0x69, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52,
+	0x0a, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x55, 0x72, 0x69, 0x12, 0x2d, 0x0a, 0x07, 0x68,
+	0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x13, 0x2e, 0x48,
+	0x54, 0x54, 0x50, 0x4f, 0x76, 0x65, 0x72, 0x52, 0x50, 0x43, 0x2e, 0x48, 0x65, 0x61, 0x64, 0x65,
+	0x72, 0x52, 0x07, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x12, 0x12, 0x0a, 0x04, 0x62, 0x6f,
+	0x64, 0x79, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x04, 0x62, 0x6f, 0x64, 0x79, 0x22, 0x6f,
+	0x0a, 0x09, 0x48, 0x54, 0x54, 0x50, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x12, 0x1f, 0x0a, 0x0b, 0x73,
+	0x74, 0x61, 0x74, 0x75, 0x73, 0x5f, 0x63, 0x6f, 0x64, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x05,
+	0x52, 0x0a, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x43, 0x6f, 0x64, 0x65, 0x12, 0x2d, 0x0a, 0x07,
+	0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x13, 0x2e,
+	0x48, 0x54, 0x54, 0x50, 0x4f, 0x76, 0x65, 0x72, 0x52, 0x50, 0x43, 0x2e, 0x48, 0x65, 0x61, 0x64,
+	0x65, 0x72, 0x52, 0x07, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x12, 0x12, 0x0a, 0x04, 0x62,
+	0x6f, 0x64, 0x79, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x04, 0x62, 0x6f, 0x64, 0x79, 0x32,
+	0x4d, 0x0a, 0x0b, 0x48, 0x54, 0x54, 0x50, 0x4f, 0x76, 0x65, 0x72, 0x52, 0x50, 0x43, 0x12, 0x3e,
+	0x0a, 0x04, 0x48, 0x6f, 0x73, 0x74, 0x12, 0x1c, 0x2e, 0x48, 0x54, 0x54, 0x50, 0x4f, 0x76, 0x65,
+	0x72, 0x52, 0x50, 0x43, 0x2e, 0x48, 0x6f, 0x73, 0x74, 0x48, 0x54, 0x54, 0x50, 0x52, 0x65, 0x71,
+	0x75, 0x65, 0x73, 0x74, 0x1a, 0x16, 0x2e, 0x48, 0x54, 0x54, 0x50, 0x4f, 0x76, 0x65, 0x72, 0x52,
+	0x50, 0x43, 0x2e, 0x48, 0x54, 0x54, 0x50, 0x52, 0x65, 0x70, 0x6c, 0x79, 0x22, 0x00, 0x42, 0x31,
+	0x5a, 0x2f, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x53, 0x6e, 0x6f,
+	0x77, 0x66, 0x6c, 0x61, 0x6b, 0x65, 0x2d, 0x4c, 0x61, 0x62, 0x73, 0x2f, 0x73, 0x61, 0x6e, 0x73,
+	0x73, 0x68, 0x65, 0x6c, 0x6c, 0x2f, 0x68, 0x74, 0x74, 0x70, 0x6f, 0x76, 0x65, 0x72, 0x72, 0x70,
+	0x63, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
 }
 
 var (
@@ -360,24 +423,26 @@ func file_httpoverrpc_proto_rawDescGZIP() []byte {
 	return file_httpoverrpc_proto_rawDescData
 }
 
-var file_httpoverrpc_proto_msgTypes = make([]protoimpl.MessageInfo, 4)
+var file_httpoverrpc_proto_msgTypes = make([]protoimpl.MessageInfo, 5)
 var file_httpoverrpc_proto_goTypes = []interface{}{
 	(*HostHTTPRequest)(nil), // 0: HTTPOverRPC.HostHTTPRequest
-	(*Header)(nil),          // 1: HTTPOverRPC.Header
-	(*HTTPRequest)(nil),     // 2: HTTPOverRPC.HTTPRequest
-	(*HTTPReply)(nil),       // 3: HTTPOverRPC.HTTPReply
+	(*TLSConfig)(nil),       // 1: HTTPOverRPC.TLSConfig
+	(*Header)(nil),          // 2: HTTPOverRPC.Header
+	(*HTTPRequest)(nil),     // 3: HTTPOverRPC.HTTPRequest
+	(*HTTPReply)(nil),       // 4: HTTPOverRPC.HTTPReply
 }
 var file_httpoverrpc_proto_depIdxs = []int32{
-	2, // 0: HTTPOverRPC.HostHTTPRequest.request:type_name -> HTTPOverRPC.HTTPRequest
-	1, // 1: HTTPOverRPC.HTTPRequest.headers:type_name -> HTTPOverRPC.Header
-	1, // 2: HTTPOverRPC.HTTPReply.headers:type_name -> HTTPOverRPC.Header
-	0, // 3: HTTPOverRPC.HTTPOverRPC.Host:input_type -> HTTPOverRPC.HostHTTPRequest
-	3, // 4: HTTPOverRPC.HTTPOverRPC.Host:output_type -> HTTPOverRPC.HTTPReply
-	4, // [4:5] is the sub-list for method output_type
-	3, // [3:4] is the sub-list for method input_type
-	3, // [3:3] is the sub-list for extension type_name
-	3, // [3:3] is the sub-list for extension extendee
-	0, // [0:3] is the sub-list for field type_name
+	3, // 0: HTTPOverRPC.HostHTTPRequest.request:type_name -> HTTPOverRPC.HTTPRequest
+	1, // 1: HTTPOverRPC.HostHTTPRequest.tlsconfig:type_name -> HTTPOverRPC.TLSConfig
+	2, // 2: HTTPOverRPC.HTTPRequest.headers:type_name -> HTTPOverRPC.Header
+	2, // 3: HTTPOverRPC.HTTPReply.headers:type_name -> HTTPOverRPC.Header
+	0, // 4: HTTPOverRPC.HTTPOverRPC.Host:input_type -> HTTPOverRPC.HostHTTPRequest
+	4, // 5: HTTPOverRPC.HTTPOverRPC.Host:output_type -> HTTPOverRPC.HTTPReply
+	5, // [5:6] is the sub-list for method output_type
+	4, // [4:5] is the sub-list for method input_type
+	4, // [4:4] is the sub-list for extension type_name
+	4, // [4:4] is the sub-list for extension extendee
+	0, // [0:4] is the sub-list for field type_name
 }
 
 func init() { file_httpoverrpc_proto_init() }
@@ -399,7 +464,7 @@ func file_httpoverrpc_proto_init() {
 			}
 		}
 		file_httpoverrpc_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
-			switch v := v.(*Header); i {
+			switch v := v.(*TLSConfig); i {
 			case 0:
 				return &v.state
 			case 1:
@@ -411,7 +476,7 @@ func file_httpoverrpc_proto_init() {
 			}
 		}
 		file_httpoverrpc_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
-			switch v := v.(*HTTPRequest); i {
+			switch v := v.(*Header); i {
 			case 0:
 				return &v.state
 			case 1:
@@ -423,6 +488,18 @@ func file_httpoverrpc_proto_init() {
 			}
 		}
 		file_httpoverrpc_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*HTTPRequest); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_httpoverrpc_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} {
 			switch v := v.(*HTTPReply); i {
 			case 0:
 				return &v.state
@@ -441,7 +518,7 @@ func file_httpoverrpc_proto_init() {
 			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
 			RawDescriptor: file_httpoverrpc_proto_rawDesc,
 			NumEnums:      0,
-			NumMessages:   4,
+			NumMessages:   5,
 			NumExtensions: 0,
 			NumServices:   1,
 		},
diff --git a/services/httpoverrpc/httpoverrpc.proto b/services/httpoverrpc/httpoverrpc.proto
index 5414ca7a..7cdf9252 100644
--- a/services/httpoverrpc/httpoverrpc.proto
+++ b/services/httpoverrpc/httpoverrpc.proto
@@ -36,6 +36,12 @@ message HostHTTPRequest {
   string hostname = 3;
   // Protocols for communication like http and https 
   string protocol = 4;
+  // TLS Config for the request
+  TLSConfig tlsconfig = 5;
+}
+
+message TLSConfig {
+  bool insecureSkipVerify = 1;
 }
 
 message Header {
diff --git a/services/httpoverrpc/server/server.go b/services/httpoverrpc/server/server.go
index 3645d21a..273016df 100644
--- a/services/httpoverrpc/server/server.go
+++ b/services/httpoverrpc/server/server.go
@@ -20,6 +20,7 @@ package server
 import (
 	"bytes"
 	"context"
+	"crypto/tls"
 	"fmt"
 	"io"
 	"net/http"
@@ -39,10 +40,6 @@ var (
 		Description: "number of failures when performing HTTPOverRPC/Localhost"}
 )
 
-var (
-	httpClient = &http.Client{}
-)
-
 // Server is used to implement the gRPC Server
 type server struct{}
 
@@ -68,9 +65,16 @@ func (s *server) Host(ctx context.Context, req *pb.HostHTTPRequest) (*pb.HTTPRep
 	for _, header := range req.Request.Headers {
 		httpReq.Header[header.Key] = header.Values
 	}
-	httpClient.CheckRedirect = func(*http.Request, []*http.Request) error { return http.ErrUseLastResponse }
+	client := &http.Client{
+		Transport: &http.Transport{
+			TLSClientConfig: &tls.Config{
+				InsecureSkipVerify: req.Tlsconfig.InsecureSkipVerify,
+			},
+		},
+	}
+	client.CheckRedirect = func(*http.Request, []*http.Request) error { return http.ErrUseLastResponse }
 
-	httpResp, err := httpClient.Do(httpReq)
+	httpResp, err := client.Do(httpReq)
 	if err != nil {
 		return nil, err
 	}
diff --git a/services/httpoverrpc/server/server_test.go b/services/httpoverrpc/server/server_test.go
index aeabb7ce..ded33907 100644
--- a/services/httpoverrpc/server/server_test.go
+++ b/services/httpoverrpc/server/server_test.go
@@ -161,7 +161,7 @@ func TestServer(t *testing.T) {
 	server := httptest.NewTLSServer(m)
 	l = server.Listener
 
-	httpClient = server.Client()
+	httpClient := server.Client()
 	tr := &http.Transport{
 		TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
 	}