When using TLS without client verification, the parameter -web.tls.ca is not required (as far as I understand). However, it is required to pass a (valid?) CA path, otherwise startup fails with
main.go:168] Could not open ca file,, open : no such file or directory
Current workaround is to pass some dummy CA.
It should be possible to load the CA only when -web.tls.verify is set.
When using TLS without client verification, the parameter
-web.tls.cais not required (as far as I understand). However, it is required to pass a (valid?) CA path, otherwise startup fails withCurrent workaround is to pass some dummy CA. It should be possible to load the CA only when
-web.tls.verifyis set.