Certificates that can't be loaded are fatal

dnscrypt-proxy/serversInfo.go

@@ -407,7 +407,7 @@ func fetchDoHServerInfo(proxy *Proxy, name string, stamp stamps.ServerStamp, isN
 		dohClientCreds, ok = (*proxy.dohCreds)["*"]
 	}
 	if ok {
-		dlog.Noticef("[%s] Cert: %s, Key: %s", name, dohClientCreds.clientCert, dohClientCreds.clientKey)
+		dlog.Noticef("Enabling TLS authentication for [%s]", name)
 		proxy.xTransport.tlsClientCreds = dohClientCreds
 		proxy.xTransport.rebuildTransport()
 	}

dnscrypt-proxy/xtransport.go

@@ -162,7 +162,7 @@ func (xTransport *XTransport) rebuildTransport() {
 	if (clientCreds != DOHClientCreds{}) {
 		cert, err := tls.LoadX509KeyPair(clientCreds.clientCert, clientCreds.clientKey)
 		if err != nil {
-			dlog.Error(err)
+			dlog.Fatalf("Unable to use certificate [%v] (key: [%v]): %v", clientCreds.clientCert, clientCreds.clientKey, err)
 		}
 		tlsClientConfig.Certificates = []tls.Certificate{cert}
 	}