Skip to content

Commit

Permalink
Merge pull request moby#11212 from cpuguy83/better_error_message_for_…
Browse files Browse the repository at this point in the history 
…tls_issues

Improve error messages for loading tls keys
  • Loading branch information
@duglin
duglin committed Mar 7, 2015
2 parents 7967fc8 + 2ea6c2c commit 6f0733a
Showing 1 changed file with 5 additions and 2 deletions.
7 changes: 5 additions & 2 deletions api/server/server.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1463,7 +1463,10 @@ func lookupGidByName(nameOrGid string) (int, error) {
func setupTls(cert, key, ca string, l net.Listener) (net.Listener, error) {
tlsCert, err := tls.LoadX509KeyPair(cert, key)
if err != nil {
return nil, fmt.Errorf("Couldn't load X509 key pair (%s, %s): %s. Key encrypted?",
if os.IsNotExist(err) {
return nil, fmt.Errorf("Could not load X509 key pair (%s, %s): %v", cert, key, err)
}
return nil, fmt.Errorf("Error reading X509 key pair (%s, %s): %q. Make sure the key is encrypted.",
cert, key, err)
}
tlsConfig := &tls.Config{
Expand All @@ -1477,7 +1480,7 @@ func setupTls(cert, key, ca string, l net.Listener) (net.Listener, error) {
certPool := x509.NewCertPool()
file, err := ioutil.ReadFile(ca)
if err != nil {
return nil, fmt.Errorf("Couldn't read CA certificate: %s", err)
return nil, fmt.Errorf("Could not read CA certificate: %v", err)
}
certPool.AppendCertsFromPEM(file)
tlsConfig.ClientAuth = tls.RequireAndVerifyClientCert
Expand Down

0 comments on commit 6f0733a

Please sign in to comment.