From ba103f9825ff601eb653e0ad0b0d0cca8966cd66 Mon Sep 17 00:00:00 2001
From: Eugene Bujak <hmage@hmage.net>
Date: Tue, 19 Feb 2019 15:21:19 +0300
Subject: [PATCH] /tls/ -- add ValidCert, without it being true https is not
 usable

---
 config.go  | 1 +
 control.go | 5 ++---
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/config.go b/config.go
index ccf395d8..13df2174 100644
--- a/config.go
+++ b/config.go
@@ -75,6 +75,7 @@ type tlsConfigSettings struct {
 // field ordering is not important -- these are for API and are recalculated on each run
 type tlsConfigStatus struct {
 	// certificate status
+	ValidCert         bool      `yaml:"-" json:"valid_cert"`
 	ValidChain        bool      `yaml:"-" json:"valid_chain"`
 	Subject           string    `yaml:"-" json:"subject,omitempty"`
 	Issuer            string    `yaml:"-" json:"issuer,omitempty"`
diff --git a/control.go b/control.go
index 13c36d84..26d2d68f 100644
--- a/control.go
+++ b/control.go
@@ -1155,6 +1155,8 @@ func validateCertificates(data tlsConfig) tlsConfig {
 			return data
 		}
 
+		data.ValidCert = true
+
 		// spew.Dump(parsedCerts)
 
 		opts := x509.VerifyOptions{
@@ -1172,9 +1174,6 @@ func validateCertificates(data tlsConfig) tlsConfig {
 			opts.Intermediates = pool
 		}
 
-		// clear out all warnings and statuses
-		data.tlsConfigStatus = tlsConfigStatus{}
-
 		// TODO: save it as a warning rather than error it out -- shouldn't be a big problem
 		mainCert := parsedCerts[0]
 		_, err := mainCert.Verify(opts)