From 8dd2a8527a0af9c3a5173ab918394054543fbbb0 Mon Sep 17 00:00:00 2001
From: Cameron Sparr <cameronsparr@gmail.com>
Date: Tue, 6 Sep 2016 13:41:26 +0100
Subject: [PATCH] Refactor NATS ssl config

---
 plugins/outputs/nats/nats.go | 22 +++++++++++++---------
 1 file changed, 13 insertions(+), 9 deletions(-)

diff --git a/plugins/outputs/nats/nats.go b/plugins/outputs/nats/nats.go
index 4b0b94d7a..5008937d9 100644
--- a/plugins/outputs/nats/nats.go
+++ b/plugins/outputs/nats/nats.go
@@ -21,9 +21,12 @@ type NATS struct {
 	Subject string
 
 	// Path to CA file
-	CAFile string `toml:"tls_ca"`
-
-	// Skip SSL verification
+	SSLCA string `toml:"ssl_ca"`
+	// Path to host cert file
+	SSLCert string `toml:"ssl_cert"`
+	// Path to cert key file
+	SSLKey string `toml:"ssl_key"`
+	// Use SSL but skip chain & host verification
 	InsecureSkipVerify bool
 
 	conn       *nats_client.Conn
@@ -38,10 +41,12 @@ var sampleConfig = `
   # password = ""
   ## NATS subject for producer messages
   subject = "telegraf"
-  ## Optional TLS Config
-  ## CA certificate used to self-sign NATS server(s) TLS certificate(s)
-  # tls_ca = "/etc/telegraf/ca.pem"
-  ## Use TLS but skip chain & host verification
+
+  ## Optional SSL Config
+  # ssl_ca = "/etc/telegraf/ca.pem"
+  # ssl_cert = "/etc/telegraf/cert.pem"
+  # ssl_key = "/etc/telegraf/key.pem"
+  ## Use SSL but skip chain & host verification
   # insecure_skip_verify = false
 
   ## Data format to output.
@@ -65,9 +70,8 @@ func (n *NATS) Connect() error {
 		opts.Password = n.Password
 	}
 
-	// is TLS enabled?
 	tlsConfig, err := internal.GetTLSConfig(
-		"", "", n.CAFile, n.InsecureSkipVerify)
+		n.SSLCert, n.SSLKey, n.SSLCA, n.InsecureSkipVerify)
 	if err != nil {
 		return err
 	}