/tls/ -- add internal usable flag to simplify logic when https needs to be booted up

app.go

@@ -179,7 +179,7 @@ func run(args options) {
 			address := net.JoinHostPort(config.BindHost, strconv.Itoa(config.TLS.PortHTTPS))
 			// validate current TLS config and update warnings (it could have been loaded from file)
 			data := validateCertificates(config.TLS)
-			if data.WarningValidation != "" {
+			if !data.usable {
 				log.Fatal(data.WarningValidation)
 				os.Exit(1)
 			}

config.go

@@ -88,6 +88,9 @@ type tlsConfigStatus struct {
 	ValidKey bool   `yaml:"-" json:"valid_key"`
 	KeyType  string `yaml:"-" json:"key_type,omitempty"`
 
+	// is usable? set by validator
+	usable bool
+
 	// warnings
 	Warning           string `yaml:"-" json:"warning,omitempty"`
 	WarningValidation string `yaml:"-" json:"warning_validation,omitempty"`

control.go

@@ -1088,7 +1088,7 @@ func handleTLSConfigure(w http.ResponseWriter, r *http.Request) {
 
 	restartHTTPS := false
 	data = validateCertificates(data)
-	if data.WarningValidation == "" {
+	if data.usable {
 		if !reflect.DeepEqual(config.TLS.tlsConfigSettings, data.tlsConfigSettings) {
 			log.Printf("tls config settings have changed, will restart HTTPS server")
 			restartHTTPS = true
@@ -1259,6 +1259,7 @@ func validateCertificates(data tlsConfig) tlsConfig {
 			data.WarningValidation = fmt.Sprintf("Invalid certificate or key: %s", err)
 			return data
 		}
+		data.usable = true
 	}
 
 	return data