From bee883c4e017ebe7f7e563fef143e910d31421c1 Mon Sep 17 00:00:00 2001
From: Chelsea Holland Komlo <me@chelseakomlo.com>
Date: Wed, 29 Nov 2017 12:54:05 -0500
Subject: [PATCH] check error on generating tls context

---
 nomad/server.go | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/nomad/server.go b/nomad/server.go
index d5f4de3e7..bad487365 100644
--- a/nomad/server.go
+++ b/nomad/server.go
@@ -239,6 +239,9 @@ func NewServer(config *Config, consulCatalog consul.CatalogAPI, logger *log.Logg
 	// Configure TLS
 	tlsConf := config.tlsConfig()
 	incomingTLS, tlsWrap, err := getTLSConf(config.TLSConfig.EnableRPC, tlsConf)
+	if err != nil {
+		return nil, err
+	}
 
 	// Create the ACL object cache
 	aclCache, err := lru.New2Q(aclCacheSize)
@@ -382,11 +385,16 @@ func (s *Server) ReloadTLSConnections(newTLSConfig *config.TLSConfig) error {
 
 	tlsConf := s.config.tlsConfig()
 	incomingTLS, tlsWrap, err := getTLSConf(s.config.TLSConfig.EnableRPC, tlsConf)
+	if err != nil {
+		s.logger.Printf("[ERR] nomad: unable to reset TLS context")
+		return err
+	}
 
 	if s.rpcCancel == nil {
 		s.logger.Printf("[ERR] nomad: No TLS Context to reset")
 		return fmt.Errorf("Unable to reset tls context")
 	}
+
 	s.rpcCancel()
 
 	s.rpcTLSLock.Lock()