diff --git a/go/base/context.go b/go/base/context.go
index 856a29c..90581e2 100644
--- a/go/base/context.go
+++ b/go/base/context.go
@@ -100,7 +100,7 @@ type MigrationContext struct {
 	CliUser           string
 	CliPassword       string
 	UseTLS            bool
-	TlsCACertificate  string
+	TLSCACertificate  string
 	CliMasterUser     string
 	CliMasterPassword string
 
@@ -699,7 +699,7 @@ func (this *MigrationContext) ApplyCredentials() {
 
 func (this *MigrationContext) SetupTLS() error {
 	if this.UseTLS {
-		return this.InspectorConnectionConfig.UseTLS(this.TlsCACertificate)
+		return this.InspectorConnectionConfig.UseTLS(this.TLSCACertificate)
 	}
 	return nil
 }
diff --git a/go/cmd/gh-ost/main.go b/go/cmd/gh-ost/main.go
index 8bd8c78..db044f3 100644
--- a/go/cmd/gh-ost/main.go
+++ b/go/cmd/gh-ost/main.go
@@ -56,7 +56,7 @@ func main() {
 	askPass := flag.Bool("ask-pass", false, "prompt for MySQL password")
 
 	flag.BoolVar(&migrationContext.UseTLS, "ssl", false, "Enable SSL encrypted connections to MySQL")
-	flag.StringVar(&migrationContext.TlsCACertificate, "ssl-ca", "", "CA certificate in PEM format for TLS connections. Requires --ssl")
+	flag.StringVar(&migrationContext.TLSCACertificate, "ssl-ca", "", "CA certificate in PEM format for TLS connections. Requires --ssl")
 
 	flag.StringVar(&migrationContext.DatabaseName, "database", "", "database name (mandatory)")
 	flag.StringVar(&migrationContext.OriginalTableName, "table", "", "table name (mandatory)")
@@ -198,7 +198,7 @@ func main() {
 	if migrationContext.CliMasterPassword != "" && migrationContext.AssumeMasterHostname == "" {
 		log.Fatalf("--master-password requires --assume-master-host")
 	}
-	if migrationContext.TlsCACertificate != "" && !migrationContext.UseTLS {
+	if migrationContext.TLSCACertificate != "" && !migrationContext.UseTLS {
 		log.Fatalf("--ssl-ca requires --ssl")
 	}
 	if *replicationLagQuery != "" {