Properly handle CertificateOperationErrors in replication prepration.

The problem here was two-fold: the certs manager was raising an
error it didn't know about and ipa-replica-prepare wasn't catching it.

ticket 249

install/tools/ipa-replica-prepare

@@ -283,7 +283,11 @@ def main():
             print "Copy failed %s" %  e
             sys.exit(1)
         print "Creating SSL certificate for the Directory Server"
-        export_certdb(api.env.realm, ds_dir, dir, passwd_fname, "dscert", replica_fqdn, subject_base)
+        try:
+            export_certdb(api.env.realm, ds_dir, dir, passwd_fname, "dscert", replica_fqdn, subject_base)
+        except errors.CertificateOperationError, e:
+            print "%s" % e
+            sys.exit(1)
 
     if options.http_pin:
         passwd = options.http_pin
@@ -304,7 +308,11 @@ def main():
             sys.exit(1)
     else:
         print "Creating SSL certificate for the Web Server"
-        export_certdb(api.env.realm, ds_dir, dir, passwd_fname, "httpcert", replica_fqdn, subject_base)
+        try:
+            export_certdb(api.env.realm, ds_dir, dir, passwd_fname, "httpcert", replica_fqdn, subject_base)
+        except errors.CertificateOperationError, e:
+            print "%s" % e
+            sys.exit(1)
         print "Exporting RA certificate"
         export_ra_pkcs12(dir, dirman_password)
 

ipaserver/install/certs.py

@@ -37,6 +37,7 @@ from ipalib import pkcs10
 from ConfigParser import RawConfigParser
 import service
 from ipalib import x509
+from ipalib.errors import CertificateOperationError
 
 from nss.error import NSPRError
 import nss.nss as nss