mirror of https://github.com/moby/moby.git synced 2022-11-09 12:21:53 -05:00

Improve error messages for loading tls keys

Signed-off-by: Brian Goff <cpuguy83@gmail.com>
Brian Goff 2015-03-06 16:38:05 -05:00
parent 2a8a2d2428
commit 2ea6c2c264


@ -1463,7 +1463,10 @@ func lookupGidByName(nameOrGid string) (int, error) {
func setupTls(cert, key, ca string, l net.Listener) (net.Listener, error) { func setupTls(cert, key, ca string, l net.Listener) (net.Listener, error) {
tlsCert, err := tls.LoadX509KeyPair(cert, key) tlsCert, err := tls.LoadX509KeyPair(cert, key)
if err != nil { if err != nil {
return nil, fmt.Errorf("Couldn't load X509 key pair (%s, %s): %s. Key encrypted?", if os.IsNotExist(err) {
return nil, fmt.Errorf("Could not load X509 key pair (%s, %s): %v", cert, key, err)
}
return nil, fmt.Errorf("Error reading X509 key pair (%s, %s): %q. Make sure the key is encrypted.",
cert, key, err) cert, key, err)
} }
tlsConfig := &tls.Config{ tlsConfig := &tls.Config{
@ -1477,7 +1480,7 @@ func setupTls(cert, key, ca string, l net.Listener) (net.Listener, error) {
certPool := x509.NewCertPool() certPool := x509.NewCertPool()
file, err := ioutil.ReadFile(ca) file, err := ioutil.ReadFile(ca)
if err != nil { if err != nil {
return nil, fmt.Errorf("Couldn't read CA certificate: %s", err) return nil, fmt.Errorf("Could not read CA certificate: %v", err)
} }
certPool.AppendCertsFromPEM(file) certPool.AppendCertsFromPEM(file)
tlsConfig.ClientAuth = tls.RequireAndVerifyClientCert tlsConfig.ClientAuth = tls.RequireAndVerifyClientCert
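Review bot: The new fallback message in the first hunk ends with "Make sure the key is encrypted.", which inverts the hint the old text gave ("Key encrypted?"): `tls.LoadX509KeyPair` does not decrypt passphrase-protected PEM keys, so an encrypted key is a probable cause of this error, not the remedy. The line should read `return nil, fmt.Errorf("Error reading X509 key pair (%s, %s): %q. Make sure the key is not encrypted.",` so operators are not steered toward a key the daemon cannot load. In the second hunk, the boolean returned by `certPool.AppendCertsFromPEM(file)` is still discarded (a context line, untouched by this commit). If that pool is what client certificates are verified against, a CA file with no parsable certificate leaves it empty under `tls.RequireAndVerifyClientCert`, and every client is then rejected at handshake with no startup error; checking the result and returning an error such as `Could not parse CA certificate` would surface the misconfiguration. The body of setupTls continues outside both hunks, so the rest of the TLS config is not visible here.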