parent
f2394b5a8d
commit
061b749041
|
@ -9,6 +9,7 @@
|
||||||
- [#849](https://github.com/influxdata/telegraf/issues/849): Adding ability to parse single values as an input data type.
|
- [#849](https://github.com/influxdata/telegraf/issues/849): Adding ability to parse single values as an input data type.
|
||||||
|
|
||||||
### Bugfixes
|
### Bugfixes
|
||||||
|
[#890](https://github.com/influxdata/telegraf/issues/890): Create TLS config even if only ssl_ca is provided.
|
||||||
|
|
||||||
## v0.11.1 [2016-03-17]
|
## v0.11.1 [2016-03-17]
|
||||||
|
|
||||||
|
|
|
@ -86,15 +86,15 @@ func GetTLSConfig(
|
||||||
SSLCert, SSLKey, SSLCA string,
|
SSLCert, SSLKey, SSLCA string,
|
||||||
InsecureSkipVerify bool,
|
InsecureSkipVerify bool,
|
||||||
) (*tls.Config, error) {
|
) (*tls.Config, error) {
|
||||||
t := &tls.Config{}
|
if SSLCert == "" && SSLKey == "" && SSLCA == "" && !InsecureSkipVerify {
|
||||||
if SSLCert != "" && SSLKey != "" && SSLCA != "" {
|
return nil, nil
|
||||||
cert, err := tls.LoadX509KeyPair(SSLCert, SSLKey)
|
}
|
||||||
if err != nil {
|
|
||||||
return nil, errors.New(fmt.Sprintf(
|
|
||||||
"Could not load TLS client key/certificate: %s",
|
|
||||||
err))
|
|
||||||
}
|
|
||||||
|
|
||||||
|
t := &tls.Config{
|
||||||
|
InsecureSkipVerify: InsecureSkipVerify,
|
||||||
|
}
|
||||||
|
|
||||||
|
if SSLCA != "" {
|
||||||
caCert, err := ioutil.ReadFile(SSLCA)
|
caCert, err := ioutil.ReadFile(SSLCA)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, errors.New(fmt.Sprintf("Could not load TLS CA: %s",
|
return nil, errors.New(fmt.Sprintf("Could not load TLS CA: %s",
|
||||||
|
@ -103,20 +103,21 @@ func GetTLSConfig(
|
||||||
|
|
||||||
caCertPool := x509.NewCertPool()
|
caCertPool := x509.NewCertPool()
|
||||||
caCertPool.AppendCertsFromPEM(caCert)
|
caCertPool.AppendCertsFromPEM(caCert)
|
||||||
|
t.RootCAs = caCertPool
|
||||||
t = &tls.Config{
|
|
||||||
Certificates: []tls.Certificate{cert},
|
|
||||||
RootCAs: caCertPool,
|
|
||||||
InsecureSkipVerify: InsecureSkipVerify,
|
|
||||||
}
|
|
||||||
t.BuildNameToCertificate()
|
|
||||||
} else {
|
|
||||||
if InsecureSkipVerify {
|
|
||||||
t.InsecureSkipVerify = true
|
|
||||||
} else {
|
|
||||||
return nil, nil
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if SSLCert != "" && SSLKey != "" {
|
||||||
|
cert, err := tls.LoadX509KeyPair(SSLCert, SSLKey)
|
||||||
|
if err != nil {
|
||||||
|
return nil, errors.New(fmt.Sprintf(
|
||||||
|
"Could not load TLS client key/certificate: %s",
|
||||||
|
err))
|
||||||
|
}
|
||||||
|
|
||||||
|
t.Certificates = []tls.Certificate{cert}
|
||||||
|
t.BuildNameToCertificate()
|
||||||
|
}
|
||||||
|
|
||||||
// will be nil by default if nothing is provided
|
// will be nil by default if nothing is provided
|
||||||
return t, nil
|
return t, nil
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue