From 5ee3729738dbb0db6833c8c1234441f610c99691 Mon Sep 17 00:00:00 2001 From: Xiang Li Date: Thu, 24 Mar 2016 09:57:25 -0700 Subject: [PATCH] etcdmain: etcd should fail to start when https is enabled but tls config is not given --- etcdmain/etcd.go | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/etcdmain/etcd.go b/etcdmain/etcd.go index c9531d049..ba432c10c 100644 --- a/etcdmain/etcd.go +++ b/etcdmain/etcd.go @@ -262,8 +262,11 @@ func startEtcd(cfg *config) (<-chan struct{}, error) { } sctxs := make(map[string]*serveCtx) for _, u := range cfg.lcurls { - if u.Scheme == "http" && !cfg.clientTLSInfo.Empty() { - plog.Warningf("The scheme of client url %s is http while client key/cert files are presented. Ignored client key/cert files.", u.String()) + if u.Scheme == "http" && ctlscfg != nil { + plog.Warningf("The scheme of client url %s is HTTP while client key/cert files are presented. Ignored client key/cert files.", u.String()) + } + if u.Scheme == "https" && ctlscfg == nil { + return nil, fmt.Errorf("TLS key/cert (--cert-file, --key-file) must be provided for client url %s with HTTPs scheme", u.String()) } ctx := &serveCtx{host: u.Host}