dexop: better error handling for certs

skrobul · skrobul · commit 44f966fd0730 · 2025-05-07T14:55:54.000+01:00
diff --git a/go/dexop/dex/client.go b/go/dexop/dex/client.go
@@ -104,15 +104,15 @@ func newDexClient(hostAndPort, caPath, clientKey, clientCrt string) (dexapi.DexC
 	cPool := x509.NewCertPool()
 	caCert, err := os.ReadFile(caPath)
 	if err != nil {
-		return nil, fmt.Errorf("invalid CA crt file: %s", caPath)
+		return nil, fmt.Errorf("invalid CA crt file (%s): %w", caPath, err)
 	}
 	if !cPool.AppendCertsFromPEM(caCert) {
 		return nil, fmt.Errorf("failed to parse CA crt")
 	}
 
 	clientCert, err := tls.LoadX509KeyPair(clientCrt, clientKey)
 	if err != nil {
-		return nil, fmt.Errorf("invalid client crt file: %s", clientCrt)
+		return nil, fmt.Errorf("invalid client crt(%s) or key(%s) file: %w", clientCrt, clientKey, err)
 	}
 
 	clientTLSConfig := &tls.Config{

Original file line number	Diff line number	Diff line change
`@@ -104,15 +104,15 @@ func newDexClient(hostAndPort, caPath, clientKey, clientCrt string) (dexapi.DexC`
`104`	`104`	`cPool := x509.NewCertPool()`
`105`	`105`	`caCert, err := os.ReadFile(caPath)`
`106`	`106`	`if err != nil {`
`107`		`- return nil, fmt.Errorf("invalid CA crt file: %s", caPath)`
	`107`	`+ return nil, fmt.Errorf("invalid CA crt file (%s): %w", caPath, err)`
`108`	`108`	`}`
`109`	`109`	`if !cPool.AppendCertsFromPEM(caCert) {`
`110`	`110`	`return nil, fmt.Errorf("failed to parse CA crt")`
`111`	`111`	`}`
`112`	`112`
`113`	`113`	`clientCert, err := tls.LoadX509KeyPair(clientCrt, clientKey)`
`114`	`114`	`if err != nil {`
`115`		`- return nil, fmt.Errorf("invalid client crt file: %s", clientCrt)`
	`115`	`+ return nil, fmt.Errorf("invalid client crt(%s) or key(%s) file: %w", clientCrt, clientKey, err)`
`116`	`116`	`}`
`117`	`117`
`118`	`118`	`clientTLSConfig := &tls.Config{`