From 12224209666998371bf150f817c8167714773d7f Mon Sep 17 00:00:00 2001
From: Joao Morais <jcmoraisjr@gmail.com>
Date: Wed, 6 Dec 2017 06:54:12 -0200
Subject: [PATCH] Use default if failing to read the custom cert

---
 pkg/common/ingress/controller/controller.go | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/pkg/common/ingress/controller/controller.go b/pkg/common/ingress/controller/controller.go
index 4877ef191..92a45bf1a 100644
--- a/pkg/common/ingress/controller/controller.go
+++ b/pkg/common/ingress/controller/controller.go
@@ -1084,17 +1084,20 @@ func (ic *GenericController) createServers(data []*extensions.Ingress,
 				continue
 			}
 
+			// From now we want TLS. If assigning a custom
+			// crt failed we end up with the default cert
+			servers[host].SSLCertificate = defaultPemFileName
+			servers[host].SSLPemChecksum = defaultPemSHA
+
 			if tlsSecretName == "" {
 				glog.V(3).Infof("host %v is listed on tls section but secretName is empty. Using default cert", host)
-				servers[host].SSLCertificate = defaultPemFileName
-				servers[host].SSLPemChecksum = defaultPemSHA
 				continue
 			}
 
 			key := ic.GetFullResourceName(tlsSecretName, ing.Namespace)
 			bc, exists := ic.sslCertTracker.Get(key)
 			if !exists {
-				glog.Warningf("ssl certificate \"%v\" does not exist in local store", key)
+				glog.Warningf("ssl certificate \"%v\" does not exist in local store. Using the default cert", key)
 				continue
 			}
 
@@ -1102,7 +1105,7 @@ func (ic *GenericController) createServers(data []*extensions.Ingress,
 			if ic.cfg.VerifyHostname {
 				err = cert.Certificate.VerifyHostname(host)
 				if err != nil {
-					glog.Warningf("ssl certificate %v does not contain a Subject Alternative Name for host %v", key, host)
+					glog.Warningf("ssl certificate %v does not contain a Subject Alternative Name for host %v. Using the default cert", key, host)
 					continue
 				}
 			}