Use wkfs when loading tls certs

nsheridan · Oct 7, 2016 · 2940204 · 2940204
1 parent 3c99b94
commit 2940204
Showing 1 changed file with 14 additions and 1 deletion.
diff --git a/cmd/cashierd/main.go b/cmd/cashierd/main.go
@@ -17,6 +17,7 @@ import (
 	"strconv"
 	"strings"
 
+	"go4.org/wkfs"
 	"golang.org/x/oauth2"
 
 	"github.com/gorilla/csrf"
@@ -312,6 +313,18 @@ func certStore(config string) (store.CertStorer, error) {
 	return cstore, err
 }
 
+func loadCerts(certFile, keyFile string) (tls.Certificate, error) {
+	key, err := wkfs.ReadFile(keyFile)
+	if err != nil {
+		return tls.Certificate{}, err
+	}
+	cert, err := wkfs.ReadFile(certFile)
+	if err != nil {
+		return tls.Certificate{}, err
+	}
+	return tls.X509KeyPair(cert, key)
+}
+
 func main() {
 	// Privileged section
 	flag.Parse()
@@ -343,7 +356,7 @@ func main() {
 	tlsConfig := &tls.Config{}
 	if config.Server.UseTLS {
 		tlsConfig.Certificates = make([]tls.Certificate, 1)
-		tlsConfig.Certificates[0], err = tls.LoadX509KeyPair(config.Server.TLSCert, config.Server.TLSKey)
+		tlsConfig.Certificates[0], err = loadCerts(config.Server.TLSCert, config.Server.TLSKey)
 		if err != nil {
 			log.Fatal(err)
 		}