From 1d4ee6ca4245fbdccc2a7a166d5ee49eafc179a0 Mon Sep 17 00:00:00 2001
From: Doug Davis <dug@us.ibm.com>
Date: Thu, 30 Jul 2015 18:38:02 -0700
Subject: [PATCH] Add a test to make sure that --tlsverify=false turn on tls in
 daemon

Signed-off-by: Doug Davis <dug@us.ibm.com>
Upstream-commit: 5ced3ab3236bfe8ade1b5b6663599518086af7da
Component: engine
---
 .../engine/integration-cli/docker_cli_daemon_test.go      | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/components/engine/integration-cli/docker_cli_daemon_test.go b/components/engine/integration-cli/docker_cli_daemon_test.go
index 8c3b08a441..06cf360b14 100644
--- a/components/engine/integration-cli/docker_cli_daemon_test.go
+++ b/components/engine/integration-cli/docker_cli_daemon_test.go
@@ -1318,6 +1318,14 @@ func (s *DockerDaemonSuite) TestHttpsInfo(c *check.C) {
 	}
 }
 
+// TestTlsVerify verifies that --tlsverify=false turns on tls
+func (s *DockerDaemonSuite) TestTlsVerify(c *check.C) {
+	out, err := exec.Command(dockerBinary, "daemon", "--tlsverify=false").CombinedOutput()
+	if err == nil || !strings.Contains(string(out), "Could not load X509 key pair") {
+		c.Fatalf("Daemon should not have started due to missing certs: %v\n%s", err, string(out))
+	}
+}
+
 // TestHttpsInfoRogueCert connects via two-way authenticated HTTPS to the info endpoint
 // by using a rogue client certificate and checks that it fails with the expected error.
 func (s *DockerDaemonSuite) TestHttpsInfoRogueCert(c *check.C) {