Allow Cert and Key pair to be optional

I.e. if we just want to pass in the CA cert.

Author: atomicules

client/tls.go

@@ -13,16 +13,26 @@ func NewClientTLSConfig(caPem, certPem, keyPem []byte, insecureSkipVerify bool,
 		panic("failed to add ca PEM")
 	}
 
-	cert, err := tls.X509KeyPair(certPem, keyPem)
-	if err != nil {
-		panic(err)
-	}
+	var config *tls.Config
 
-	config := &tls.Config{
-		Certificates:       []tls.Certificate{cert},
-		RootCAs:            pool,
-		InsecureSkipVerify: insecureSkipVerify,
-		ServerName:         serverName,
+	if string(certPem) != "" && string(keyPem) != "" {
+		cert, err := tls.X509KeyPair(certPem, keyPem)
+		if err != nil {
+			panic(err)
+		}
+		config = &tls.Config{
+			RootCAs:            pool,
+			Certificates:       []tls.Certificate{cert},
+			InsecureSkipVerify: insecureSkipVerify,
+			ServerName:         serverName,
+		}
+	} else {
+		config = &tls.Config{
+			RootCAs:            pool,
+			InsecureSkipVerify: insecureSkipVerify,
+			ServerName:         serverName,
+		}
 	}
+
 	return config
 }