feat(agent): validate TLS certificates before enabling TLS for integrations

Author: yllada

agent/modules/configuration.go

@@ -84,6 +84,9 @@ func ChangeIntegrationStatus(logTyp string, proto string, isEnabled bool, tlsOpt
 		// Handle TLS configuration if specified
 		if len(tlsOptions) > 0 && isEnabled {
 			if tlsOptions[0] {
+				if !utils.CheckIfPathExist(config.IntegrationCertPath) || !utils.CheckIfPathExist(config.IntegrationKeyPath) {
+					return "", fmt.Errorf("TLS certificates not found. Please load certificates first")
+				}
 				// Enable TLS
 				integration.TCP.TLSEnabled = true
 				mod := GetModule(logTyp)
@@ -249,6 +252,7 @@ func EnableTLSForIntegration(logTyp string, proto string) (string, error) {
 		if integration.TCP.Port == "" {
 			return "", fmt.Errorf("TCP port not configured for %s", logTyp)
 		}
+
 		port = integration.TCP.Port
 		integration.TCP.TLSEnabled = true
 

agent/modules/syslog.go

@@ -5,6 +5,7 @@ import (
 	"context"
 	"crypto/tls"
 	"errors"
+	"fmt"
 	"io"
 	"net"
 	"os"
@@ -96,6 +97,12 @@ func (m *SyslogModule) GetPort(proto string) string {
 func (m *SyslogModule) EnablePort(proto string, enableTLS bool) error {
 	switch proto {
 	case "tcp":
+		if enableTLS {
+			if !utils.CheckIfPathExist(config.IntegrationCertPath) || !utils.CheckIfPathExist(config.IntegrationKeyPath) {
+				return fmt.Errorf("TLS certificates not found. Please load certificates first")
+			}
+		}
+
 		// Update TLS configuration before enabling
 		m.TCPListener.TLSEnabled = enableTLS
 		go m.enableTCP()