Skip to content

Commit c51bfae

Browse files
tdferreirafroque
tdferreira
authored and
froque
committed
Clarify certificate path errors for missing and non-file Vault CA paths
1 parent f057b09 commit c51bfae

2 files changed

Lines changed: 27 additions & 1 deletion

File tree

src/main/java/com/premiumminds/vault/client/VaultClient.java

Lines changed: 8 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -189,10 +189,17 @@ private HttpClient getClient(Optional<Path> certificate) throws Exception {
189189
return builder.build();
190190
}
191191

192-
private SSLContext getSSLContext(Path certificate) throws Exception {
192+
static void validateCertificatePath(Path certificate) {
193+
if (!Files.exists(certificate)) {
194+
throw new IllegalArgumentException("Vault certificate file does not exist: " + certificate);
195+
}
193196
if (!Files.isRegularFile(certificate)) {
194197
throw new IllegalArgumentException("Vault certificate path is not a file: " + certificate);
195198
}
199+
}
200+
201+
private SSLContext getSSLContext(Path certificate) throws Exception {
202+
validateCertificatePath(certificate);
196203

197204
CertificateFactory cf = CertificateFactory.getInstance("X.509");
198205

src/test/java/com/premiumminds/vault/client/VaultClientTest.java

Lines changed: 19 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -54,6 +54,25 @@ void vaultConfigDirectoryReturnsExplicitError() throws Exception {
5454
}
5555
}
5656

57+
@Test
58+
void missingCertificateReturnsExplicitError() {
59+
final var missingCertificate = tempDir.resolve("missing-ca.pem");
60+
61+
final var exception = assertThrows(IllegalArgumentException.class,
62+
() -> VaultClient.validateCertificatePath(missingCertificate));
63+
assertEquals("Vault certificate file does not exist: " + missingCertificate, exception.getMessage());
64+
}
65+
66+
@Test
67+
void certificateDirectoryReturnsExplicitError() throws Exception {
68+
final var certificateDir = tempDir.resolve("certificate-dir");
69+
Files.createDirectory(certificateDir);
70+
71+
final var exception = assertThrows(IllegalArgumentException.class,
72+
() -> VaultClient.validateCertificatePath(certificateDir));
73+
assertEquals("Vault certificate path is not a file: " + certificateDir, exception.getMessage());
74+
}
75+
5776
@Test
5877
void dynamicCredentials() throws Exception {
5978

0 commit comments

Comments
 (0)