diff --git a/adapters/outbound/socks5.go b/adapters/outbound/socks5.go
index a1495e90..42389c34 100644
--- a/adapters/outbound/socks5.go
+++ b/adapters/outbound/socks5.go
@@ -28,18 +28,18 @@ func (ss *Socks5Adapter) Conn() net.Conn {
 }
 
 type Socks5 struct {
- addr string
- name string
- tls bool
- sni bool
+ addr string
+ name string
+ tls bool
+ skipCertVerify bool
 }
 
 type Socks5Option struct {
- Name string `proxy:"name"`
- Server string `proxy:"server"`
- Port int `proxy:"port"`
- TLS bool `proxy:"tls"`
- SNI bool `proxy:"sni"`
+ Name string `proxy:"name"`
+ Server string `proxy:"server"`
+ Port int `proxy:"port"`
+ TLS bool `proxy:"tls,omitempty"`
+ SkipCertVerify bool `proxy:"skip-cert-verify,omitempty"`
 }
 
 func (ss *Socks5) Name() string {
@@ -55,7 +55,7 @@ func (ss *Socks5) Generator(metadata *C.Metadata) (adapter C.ProxyAdapter, err e
 
 if err == nil && ss.tls {
 tlsConfig := tls.Config{
- InsecureSkipVerify: ss.sni,
+ InsecureSkipVerify: ss.skipCertVerify,
 MaxVersion: tls.VersionTLS12,
 }
 c = tls.Client(c, &tlsConfig)
@@ -104,9 +104,9 @@ func (ss *Socks5) shakeHand(metadata *C.Metadata, rw io.ReadWriter) error {
 
 func NewSocks5(option Socks5Option) *Socks5 {
 return &Socks5{
- addr: fmt.Sprintf("%s:%d", option.Server, option.Port),
- name: option.Name,
- tls: option.TLS,
- sni: option.SNI,
+ addr: fmt.Sprintf("%s:%d", option.Server, option.Port),
+ name: option.Name,
+ tls: option.TLS,
+ skipCertVerify: option.SkipCertVerify,
 }
 }
diff --git a/adapters/outbound/vmess.go b/adapters/outbound/vmess.go
index e45844ae..9ea20aca 100644
--- a/adapters/outbound/vmess.go
+++ b/adapters/outbound/vmess.go
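Review bot: The new `SkipCertVerify` field of `Socks5Option` (first socks5.go hunk) has no comment, although setting it turns off certificate and host-name validation for the TLS leg to the proxy. I would add above it `// SkipCertVerify disables TLS certificate verification for this proxy; leave it false unless the server's certificate cannot be validated.` and the same wording on `VmessOption.SkipCertVerify` and `vmess.Config.SkipCertVerify` in the later hunks. The config key also changes from `sni` to `skip-cert-verify`; how the decoder treats a leftover `sni` key is not visible here, so a migration note for existing configs would help.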
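Review bot: With `skip-cert-verify` left at false, the `tls.Config` built in `Generator` (second socks5.go hunk) has no `ServerName`, and `tls.Client`, unlike `tls.Dial`, does not derive one from the dialled address, so the handshake fails with "either ServerName or InsecureSkipVerify must be specified". In practice that pushes users to enable `skip-cert-verify` just to get a connection, which defeats the verification this change makes possible. Set the name from the configured server, for example `host, _, _ := net.SplitHostPort(ss.addr)` followed by `ServerName: host,` in the literal, or keep the server name on the struct. The same applies to `tls.Client(conn, &tls.Config{...})` in `Client.New` in component/vmess/vmess.go; `Generator`'s body starts and ends outside the hunk.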
@@ -31,15 +31,16 @@ type Vmess struct {
 }
 
 type VmessOption struct {
- Name string `proxy:"name"`
- Server string `proxy:"server"`
- Port int `proxy:"port"`
- UUID string `proxy:"uuid"`
- AlterID int `proxy:"alterId"`
- Cipher string `proxy:"cipher"`
- TLS bool `proxy:"tls,omitempty"`
- Network string `proxy:"network,omitempty"`
- WSPath string `proxy:"ws-path,omitempty"`
+ Name string `proxy:"name"`
+ Server string `proxy:"server"`
+ Port int `proxy:"port"`
+ UUID string `proxy:"uuid"`
+ AlterID int `proxy:"alterId"`
+ Cipher string `proxy:"cipher"`
+ TLS bool `proxy:"tls,omitempty"`
+ Network string `proxy:"network,omitempty"`
+ WSPath string `proxy:"ws-path,omitempty"`
+ SkipCertVerify bool `proxy:"skip-cert-verify,omitempty"`
 }
 
 func (ss *Vmess) Name() string {
@@ -63,13 +64,14 @@ func (ss *Vmess) Generator(metadata *C.Metadata) (adapter C.ProxyAdapter, err er
 func NewVmess(option VmessOption) (*Vmess, error) {
 security := strings.ToLower(option.Cipher)
 client, err := vmess.NewClient(vmess.Config{
- UUID: option.UUID,
- AlterID: uint16(option.AlterID),
- Security: security,
- TLS: option.TLS,
- Host: fmt.Sprintf("%s:%d", option.Server, option.Port),
- NetWork: option.Network,
- WebSocketPath: option.WSPath,
+ UUID: option.UUID,
+ AlterID: uint16(option.AlterID),
+ Security: security,
+ TLS: option.TLS,
+ Host: fmt.Sprintf("%s:%d", option.Server, option.Port),
+ NetWork: option.Network,
+ WebSocketPath: option.WSPath,
+ SkipCertVerify: option.SkipCertVerify,
 })
 if err != nil {
 return nil, err
diff --git a/component/vmess/vmess.go b/component/vmess/vmess.go
index 23dfc8f5..ece51d76 100644
--- a/component/vmess/vmess.go
+++ b/component/vmess/vmess.go
@@ -39,10 +39,6 @@ var CipherMapping = map[string]byte{
 "chacha20-poly1305": SecurityCHACHA20POLY1305,
 }
 
-var tlsConfig = &tls.Config{
- InsecureSkipVerify: true,
-}
-
 // Command types
 const (
 CommandTCP byte = 1
@@ -65,24 +61,26 @@ type DstAddr struct {
 
 // Client is vmess connection generator
 type Client struct {
- user []*ID
- uuid *uuid.UUID
- security Security
- tls bool
- host string
- websocket bool
- websocketPath string
+ user []*ID
+ uuid *uuid.UUID
+ security Security
+ tls bool
+ host string
+ websocket bool
+ websocketPath string
+ skipCertVerify bool
 }
 
 // Config of vmess
 type Config struct {
- UUID string
- AlterID uint16
- Security string
- TLS bool
- Host string
- NetWork string
- WebSocketPath string
+ UUID string
+ AlterID uint16
+ Security string
+ TLS bool
+ Host string
+ NetWork string
+ WebSocketPath string
+ SkipCertVerify bool
 }
 
 // New return a Conn with net.Conn and DstAddr
@@ -100,6 +98,9 @@ func (c *Client) New(conn net.Conn, dst *DstAddr) (net.Conn, error) {
 scheme := "ws"
 if c.tls {
 scheme = "wss"
+ dialer.TLSClientConfig = &tls.Config{
+ InsecureSkipVerify: c.skipCertVerify,
+ }
 }
 
 host, port, err := net.SplitHostPort(c.host)
@@ -125,7 +126,9 @@ func (c *Client) New(conn net.Conn, dst *DstAddr) (net.Conn, error) {
 
 conn = newWebsocketConn(wsConn, conn.RemoteAddr())
 } else if c.tls {
- conn = tls.Client(conn, tlsConfig)
+ conn = tls.Client(conn, &tls.Config{
+ InsecureSkipVerify: c.skipCertVerify,
+ })
 }
 return newConn(conn, c.user[r], dst, c.security), nil
 }
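Review bot: Nothing in the hunks shown copies `Config.SkipCertVerify` into the new `Client.skipCertVerify` field added in the `Client`/`Config` hunk; `NewClient`, which builds the `Client` from a `Config`, is outside this diff view. If it is not updated in the same commit, `c.skipCertVerify` stays at its zero value and the `skip-cert-verify` setting for vmess silently has no effect, which is hard to spot because the config is accepted without error. The missing line would be `skipCertVerify: config.SkipCertVerify,` in the `Client` literal of that constructor. A short test that builds a client with the option set and checks the resulting field would pin this down.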