Component(s)

No response

Describe the issue you're reporting

When you use configtls.ServerConfig or configtls.ClientConfig, our code eventually calls tls.NewListener. This method, as expected, has the following requirement:

The configuration config must be non-nil and must include at least one certificate or else set GetCertificate.

which means that if you set a TLS configuration without certificates you then get the following runtime error (thanks @jade-guiton-dd for checking this):

2025-06-02T13:16:39.313+0200	error	http/server.go:3487	http: TLS handshake error from 127.0.0.1:59317: tls: no certificates configured	{"resource": {}, "otelcol.component.id": "otlp", "otelcol.component.kind": "receiver", "otelcol.signal": "logs"} 

We can make this into a validation error so that users can detect this faster.

This would mean adding a check in the Validate function for configtls.Config.