From d542203f97be8031e3ced570e29a772d82989fb5 Mon Sep 17 00:00:00 2001
From: "Endi S. Dewata" <edewata@redhat.com>
Date: Fri, 10 Nov 2023 13:54:12 -0600
Subject: [PATCH] Update ServerConfig.get_sslcert()

For consistency, the ServerConfig.get_sslcert() has been
modified to return None if the SSL cert does not exist.
All callers have been modified to check the return value.
---
 base/server/python/pki/server/__init__.py | 16 +++++++++++++++-
 base/server/python/pki/server/cli/http.py |  7 +++----
 2 files changed, 18 insertions(+), 5 deletions(-)

diff --git a/base/server/python/pki/server/__init__.py b/base/server/python/pki/server/__init__.py
index eed466d7f49..936055fe6dc 100644
--- a/base/server/python/pki/server/__init__.py
+++ b/base/server/python/pki/server/__init__.py
@@ -278,6 +278,9 @@ def export_ca_cert(self):
 
         sslcert = server_config.get_sslcert(sslhost)
 
+        if sslcert is None:
+            raise Exception('Missing SSL certificate')
+
         keystore_type = sslcert.get('certificateKeystoreType')
         keystore_provider = sslcert.get('certificateKeystoreProvider')
 
@@ -1336,6 +1339,9 @@ def get_sslserver_cert_nickname(self):
 
         sslcert = server_config.get_sslcert(sslhost)
 
+        if sslcert is None:
+            raise Exception('Missing SSL certificate')
+
         return sslcert.get('certificateKeyAlias')
 
     def set_sslserver_cert_nickname(self, nickname, token=None):
@@ -1359,6 +1365,10 @@ def set_sslserver_cert_nickname(self, nickname, token=None):
             raise Exception('Missing SSL host')
 
         sslcert = server_config.get_sslcert(sslhost)
+
+        if sslcert is None:
+            raise Exception('Missing SSL certificate')
+
         sslcert.set('certificateKeyAlias', fullname)
         server_config.save()
 
@@ -1905,7 +1915,7 @@ def get_sslcert(self, sslhost, certType='UNDEFINED'):
             if t == certType:
                 return sslcert
 
-        raise KeyError('SSL certificate not found: %s' % certType)
+        return None
 
     def create_sslcert(self, sslhost, certType='UNDEFINED'):
         '''
@@ -1923,6 +1933,10 @@ def create_sslcert(self, sslhost, certType='UNDEFINED'):
     def remove_sslcert(self, sslhost, certType):
 
         sslcert = self.get_sslcert(sslhost, certType)
+
+        if sslcert is None:
+            raise Exception('SSL certificate not found: %s' % certType)
+
         sslhost.remove(sslcert)
 
     def get_realm(self, className):
diff --git a/base/server/python/pki/server/cli/http.py b/base/server/python/pki/server/cli/http.py
index 14733b4c1a7..1e02d20bac1 100644
--- a/base/server/python/pki/server/cli/http.py
+++ b/base/server/python/pki/server/cli/http.py
@@ -1274,11 +1274,10 @@ def execute(self, argv):
         if sslhost is None:
             raise Exception('SSL host not found: %s' % hostname)
 
-        try:
-            server_config.get_sslcert(sslhost, certType)
+        sslcert = server_config.get_sslcert(sslhost, certType)
+
+        if sslcert is not None:
             raise Exception('SSL certificate already exists: %s' % certType)
-        except KeyError:
-            pass
 
         sslcert = server_config.create_sslcert(sslhost, certType)