diff --git a/command/agent/http.go b/command/agent/http.go
index 8dbfca78e..70fef37db 100644
--- a/command/agent/http.go
+++ b/command/agent/http.go
@@ -65,8 +65,8 @@ func NewHTTPServer(agent *Agent, config *Config) (*HTTPServer, error) {
 	// If TLS is enabled, wrap the listener with a TLS listener
 	if config.TLSConfig.EnableHTTP {
 		tlsConf := &tlsutil.Config{
-			VerifyIncoming:       false,
-			VerifyOutgoing:       true,
+			VerifyIncoming:       config.TLSConfig.VerifyIncoming,
+			VerifyOutgoing:       config.TLSConfig.VerifyOutgoing,
 			VerifyServerHostname: config.TLSConfig.VerifyServerHostname,
 			CAFile:               config.TLSConfig.CAFile,
 			CertFile:             config.TLSConfig.CertFile,