diff --git a/cmd/sso-proxy/main.go b/cmd/sso-proxy/main.go
index 505a601cf245f63d67b29398c49ef13151bcbe43..57b27a72b4c4769c54ac9d160d49dbe8814a57c1 100644
--- a/cmd/sso-proxy/main.go
+++ b/cmd/sso-proxy/main.go
@@ -22,13 +22,13 @@ var (
 	configFile = flag.String("config", "/etc/sso/proxy.yml", "path of config file")
 )
 
-func loadConfig() (*proxy.Configuration, error) {
+func loadConfig() (*proxy.Config, error) {
 	// Read YAML config.
 	data, err := ioutil.ReadFile(*configFile)
 	if err != nil {
 		return nil, err
 	}
-	var config proxy.Configuration
+	var config proxy.Config
 	if err := yaml.Unmarshal(data, &config); err != nil {
 		return nil, err
 	}
diff --git a/proxy/proxy.go b/proxy/proxy.go
index d379ed6d2aebe46d958e4e21e18d2c7956c31440..fd72c2b0423b436b2e4c9c250c91a20abcefbccb 100644
--- a/proxy/proxy.go
+++ b/proxy/proxy.go
@@ -52,39 +52,10 @@ func (b *Backend) newHandler(ssow *httpsso.SSOWrapper) (http.Handler, error) {
 	return h, nil
 }
 
-// func buildServerTLSConfig(config *Configuration) (*tls.Config, error) {
-// 	var certs []tls.Certificate
-// 	for _, b := range config.Backends {
-// 		cert, err := tls.LoadX509KeyPair(b.ServerTLSConfig.Cert, b.ServerTLSConfig.Key)
-// 		if err != nil {
-// 			return nil, err
-// 		}
-// 		certs = append(certs, cert)
-// 	}
-
-// 	c := &tls.Config{
-// 		Certificates: certs,
-// 	}
-
-// 	if config.CA != "" {
-// 		cas, err := loadCA(config.CA)
-// 		if err != nil {
-// 			return nil, err
-// 		}
-// 		c.ClientAuth = tls.RequireAndVerifyClientCert
-// 		c.ClientCAs = cas
-// 	}
-
-// 	c.BuildNameToCertificate()
-
-// 	return c, nil
-// }
-
-// Configuration for the proxy.
-type Configuration struct {
+// Config for the proxy.
+type Config struct {
 	SessionAuthKey string `yaml:"session_auth_key"`
 	SessionEncKey  string `yaml:"session_enc_key"`
-	//CA             string `yaml:"ca"`
 
 	SSOLoginServerURL string `yaml:"sso_server_url"`
 	SSOPublicKeyFile  string `yaml:"sso_public_key_file"`
@@ -94,7 +65,7 @@ type Configuration struct {
 }
 
 // Sanity checks for the configuration.
-func (c *Configuration) check() error {
+func (c *Config) check() error {
 	switch len(c.SessionAuthKey) {
 	case 32, 64:
 	case 0:
@@ -120,7 +91,7 @@ func (c *Configuration) check() error {
 
 // NewProxy builds a SSO-protected multi-host handler with the
 // specified configuration.
-func NewProxy(config *Configuration) (http.Handler, error) {
+func NewProxy(config *Config) (http.Handler, error) {
 	if err := config.check(); err != nil {
 		return nil, err
 	}
@@ -130,7 +101,13 @@ func NewProxy(config *Configuration) (http.Handler, error) {
 		return nil, err
 	}
 
-	w, err := httpsso.NewSSOWrapper(config.SSOLoginServerURL, pkey, config.SSODomain, []byte(config.SessionAuthKey), []byte(config.SessionEncKey))
+	w, err := httpsso.NewSSOWrapper(
+		config.SSOLoginServerURL,
+		pkey,
+		config.SSODomain,
+		[]byte(config.SessionAuthKey),
+		[]byte(config.SessionEncKey),
+	)
 	if err != nil {
 		return nil, err
 	}