From 7557d1d92240d7dc36a6f8137ab542f3908f316c Mon Sep 17 00:00:00 2001
From: Francis Lavoie <lavofr@gmail.com>
Date: Wed, 2 Feb 2022 01:33:36 -0500
Subject: reverseproxy: Avoid returning a `nil` error during
 GetClientCertificate (#4550)

---
 modules/caddyhttp/reverseproxy/httptransport.go | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'modules/caddyhttp/reverseproxy')

diff --git a/modules/caddyhttp/reverseproxy/httptransport.go b/modules/caddyhttp/reverseproxy/httptransport.go
index f23504c..4be51af 100644
--- a/modules/caddyhttp/reverseproxy/httptransport.go
+++ b/modules/caddyhttp/reverseproxy/httptransport.go
@@ -364,6 +364,9 @@ func (t TLSConfig) MakeTLSClientConfig(ctx caddy.Context) (*tls.Config, error) {
 					return &cert.Certificate, nil
 				}
 			}
+			if err == nil {
+				err = fmt.Errorf("no client certificate found for automate name: %s", t.ClientCertificateAutomate)
+			}
 			return nil, err
 		}
 	}
-- 
cgit v1.2.3