Misc tweaks on exceptions

2024-09-03 20:06:10 +02:00 · 2016-11-23 11:46:52 -05:00 · 2016-11-23 11:46:52 -05:00 · e66a708520
commit e66a708520
parent ed16cd7f5a
2 changed files with 9 additions and 6 deletions
--- a/locales/en.json
+++ b/locales/en.json
@ -253,5 +253,6 @@
    "certmanager_cert_renew_success" : "Successfully renewed Let's Encrypt certificate for domain {domain:s} !",
    "certmanager_old_letsencrypt_app_detected" : "\nYunohost detected that the 'letsencrypt' app is installed, which conflits with the new built-in certificate management features in Yunohost. If you wish to use the new built-in features, please run the following commands to migrate your installation :\n\n    yunohost app remove letsencrypt\n    yunohost domain cert-install\n\nN.B. : this will attempt to re-install certificates for all domains with a Let's Encrypt certificate or self-signed certificate.",
    "certmanager_hit_rate_limit" :"Too many certificates already issued for exact set of domains {domain:s} recently. Please try again later. See https://letsencrypt.org/docs/rate-limits/ for more details.",
-    "certmanager_cert_signing_failed" : "Signing the new certificate failed."
+    "certmanager_cert_signing_failed" : "Signing the new certificate failed.",
+    "certmanager_no_cert_file" : "Unable to read certificate file for domain {domain:s} (file : {file:s})"
 }
--- a/src/yunohost/certificate.py
+++ b/src/yunohost/certificate.py
@ -155,10 +155,11 @@ def _certificate_install_selfsigned(domain_list, force=False):
    for domain in domain_list:

        # Check we ain't trying to overwrite a good cert !
-        status = _get_status(domain)
+        if (not force) :
+            status = _get_status(domain)

-        if status and status["summary"]["code"] in ('good', 'great') and not force:
-            raise MoulinetteError(errno.EINVAL, m18n.n('certmanager_attempt_to_replace_valid_cert', domain=domain))
+            if status["summary"]["code"] in ('good', 'great') :
+                raise MoulinetteError(errno.EINVAL, m18n.n('certmanager_attempt_to_replace_valid_cert', domain=domain))

        # Paths of files and folder we'll need
        date_tag = datetime.now().strftime("%Y%m%d.%H%M%S")
@ -490,7 +491,8 @@ def _fetch_and_enable_new_certificate(domain, staging=False):
        if ("urn:acme:error:rateLimited" in str(e)):
            raise MoulinetteError(errno.EINVAL,  m18n.n('certmanager_hit_rate_limit', domain=domain))
        else:
-            raise
+            logger.error(str(e))
+            raise MoulinetteError(errno.EINVAL, m18n.n('certmanager_cert_signing_failed'))
    except Exception as e:
        logger.error(str(e))
        raise MoulinetteError(errno.EINVAL, m18n.n('certmanager_cert_signing_failed'))
@ -565,7 +567,7 @@ def _get_status(domain):
    cert_file = os.path.join(CERT_FOLDER, domain, "crt.pem")

    if not os.path.isfile(cert_file):
-        return {}
+        raise MoulinetteError(errno.EINVAL, m18n.n('certmanager_no_cert_file', domain=domain, file=cert_file))

    try:
        cert = crypto.load_certificate(crypto.FILETYPE_PEM, open(cert_file).read())