Merge pull request #87 from philips/remove-insecureskipverify

fix(etcd): remove insecureskipverify

Author: philips

etcd.go

@@ -481,8 +481,10 @@ func tlsConfigFromInfo(info TLSInfo) (t TLSConfig, ok bool) {
 	t.Scheme = "https"
 	t.Server.ClientAuth, t.Server.ClientCAs = newCertPool(CAFile)
 
+	// The client should trust the RootCA that the Server uses since
+	// everyone is a peer in the network.
 	t.Client.Certificates = []tls.Certificate{tlsCert}
-	t.Client.InsecureSkipVerify = true
+	t.Client.RootCAs = t.Server.ClientCAs
 
 	return t, true
 }