Set tls ServerName to fix issue: either ServerName or InsecureSkipVerify must be specified in the tls.Config

broker.go

@@ -165,7 +165,22 @@ func (b *Broker) Open(conf *Config) error {
 
 		if conf.Net.TLS.Enable {
 			Logger.Printf("Using tls")
-			b.conn = tls.Client(b.conn, conf.Net.TLS.Config)
+			cfg := conf.Net.TLS.Config
+			if cfg == nil {
+				cfg = &tls.Config{}
+			}
+			// If no ServerName is set, infer the ServerName
+			// from the hostname we're connecting to.
+			// Gets the hostname as tls.DialWithDialer does it.
+			if cfg.ServerName == "" {
+				colonPos := strings.LastIndex(b.addr, ":")
+				if colonPos == -1 {
+					colonPos = len(b.addr)
+				}
+				hostname := b.addr[:colonPos]
+				cfg.ServerName = hostname
+			}
+			b.conn = tls.Client(b.conn, cfg)
 		}
 
 		b.conn = newBufConn(b.conn)

client_tls_test.go

@@ -158,8 +158,7 @@ func TestTLS(t *testing.T) {
 			Succeed: true,
 			Server:  serverTLSConfig,
 			Client: &tls.Config{
-				RootCAs:    pool,
-				ServerName: "127.0.0.1",
+				RootCAs: pool,
 				Certificates: []tls.Certificate{{
 					Certificate: [][]byte{clientDer},
 					PrivateKey:  clientkey,