From 6a4303120fbdcfd5ceb9438aaae62eacb8c41a73 Mon Sep 17 00:00:00 2001
From: Sean Chittenden <sean@chittenden.org>
Date: Fri, 2 Feb 2018 08:37:23 -0800
Subject: [PATCH] Only read in TLS certs when the key and cert are present.

---
 conn.go | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)

diff --git a/conn.go b/conn.go
index ee8d9c81..9509973b 100644
--- a/conn.go
+++ b/conn.go
@@ -953,12 +953,14 @@ func configTLS(args configTLSArgs, cc *ConnConfig) error {
 		return fmt.Errorf(`both "sslcert" and "sslkey" are required`)
 	}
 
-	cert, err := tls.LoadX509KeyPair(sslcert, sslkey)
-	if err != nil {
-		return errors.Wrap(err, "unable to read cert")
-	}
+	if sslcert != "" && sslkey != "" {
+		cert, err := tls.LoadX509KeyPair(sslcert, sslkey)
+		if err != nil {
+			return errors.Wrap(err, "unable to read cert")
+		}
 
-	cc.TLSConfig.Certificates = []tls.Certificate{cert}
+		cc.TLSConfig.Certificates = []tls.Certificate{cert}
+	}
 
 	return nil
 }