Skip to content
This repository was archived by the owner on Apr 25, 2025. It is now read-only.

Commit 9fd0ebd

Browse files
author
Baha Shaaban
committed
[FAB-7516] refactor embbedded cert/key combo
Change-Id: I75765994af49ae318a7e38941386d10dc4df5521 Signed-off-by: Baha Shaaban <baha.shaaban@securekey.com>
1 parent 9027753 commit 9fd0ebd

File tree

1 file changed

+14
-23
lines changed

1 file changed

+14
-23
lines changed

pkg/config/config.go

Lines changed: 14 additions & 23 deletions
Original file line numberDiff line numberDiff line change
@@ -829,32 +829,23 @@ func (c *Config) TLSClientCerts() ([]tls.Certificate, error) {
829829
var cb, kb []byte
830830
if clientConfig.TLSCerts.Client.CertPem != "" {
831831
cb = []byte(clientConfig.TLSCerts.Client.CertPem)
832-
if clientConfig.TLSCerts.Client.KeyPem != "" {
833-
kb = []byte(clientConfig.TLSCerts.Client.KeyPem)
834-
} else if clientConfig.TLSCerts.Client.Keyfile != "" {
835-
kb, err = loadByteKeyOrCertFromFile(&clientConfig, true)
836-
if err != nil {
837-
return nil, err
838-
}
839-
} else {
840-
return nil, errors.Errorf("Missing key for cert/key pair TLS client credentials. Ensure either the key file path or the key content is embedded in the client config.")
841-
}
842832
} else if clientConfig.TLSCerts.Client.Certfile != "" {
843833
cb, err = loadByteKeyOrCertFromFile(&clientConfig, false)
844-
if clientConfig.TLSCerts.Client.KeyPem != "" {
845-
kb = []byte(clientConfig.TLSCerts.Client.KeyPem)
846-
if err != nil {
847-
return nil, err
848-
}
849-
} else if clientConfig.TLSCerts.Client.Keyfile != "" {
850-
kb, err = loadByteKeyOrCertFromFile(&clientConfig, true)
851-
if err != nil {
852-
return nil, err
853-
}
854-
} else {
855-
return nil, errors.Errorf("Missing key for cert/key pair TLS client credentials. Ensure either the key file path or the key content is embedded in the client config.")
834+
if err != nil {
835+
return nil, errors.Wrapf(err, "Failed to load cert from file path '%s'", clientConfig.TLSCerts.Client.Certfile)
856836
}
857-
} else {
837+
}
838+
839+
if clientConfig.TLSCerts.Client.KeyPem != "" {
840+
kb = []byte(clientConfig.TLSCerts.Client.KeyPem)
841+
} else if clientConfig.TLSCerts.Client.Keyfile != "" {
842+
kb, err = loadByteKeyOrCertFromFile(&clientConfig, true)
843+
if err != nil {
844+
return nil, errors.Wrapf(err, "Failed to load key from file path '%s'", clientConfig.TLSCerts.Client.Keyfile)
845+
}
846+
}
847+
848+
if len(cb) == 0 && len(kb) == 0 {
858849
// if no cert found in the config, return empty cert chain
859850
return []tls.Certificate{clientCerts}, nil
860851
}

0 commit comments

Comments
 (0)