feat(agent): validate TLS certificates before enabling TLS for integrations

yllada · yllada · commit 164c851aee54 · 2025-10-31T13:30:37.000-04:00
diff --git a/agent/modules/configuration.go b/agent/modules/configuration.go
@@ -69,6 +69,9 @@ func ChangeIntegrationStatus(logTyp string, proto string, isEnabled bool, tlsOpt
 		// Handle TLS configuration if specified
 		if len(tlsOptions) > 0 && isEnabled {
 			if tlsOptions[0] {
+				if !utils.CheckIfPathExist(config.IntegrationCertPath) || !utils.CheckIfPathExist(config.IntegrationKeyPath) {
+					return "", fmt.Errorf("TLS certificates not found. Please load certificates first")
+				}
 				// Enable TLS
 				integration.TCP.TLSEnabled = true
 				mod := GetModule(logTyp)
diff --git a/agent/modules/syslog.go b/agent/modules/syslog.go
@@ -98,6 +98,12 @@ func (m *SyslogModule) GetPort(proto string) string {
 func (m *SyslogModule) EnablePort(proto string, enableTLS bool) error {
 	switch proto {
 	case "tcp":
+		if enableTLS {
+			if !utils.CheckIfPathExist(config.IntegrationCertPath) || !utils.CheckIfPathExist(config.IntegrationKeyPath) {
+				return fmt.Errorf("TLS certificates not found. Please load certificates first")
+			}
+		}
+
 		m.TCPListener.TLSEnabled = enableTLS
 		go m.enableTCP()
 		return nil
