ipa cert-show: fix the code setting revocation reason

ipa cert-show wrongly displays all certs as Revoked.
The dogtag plugin code is checking if the JSON data received
from dogtag contains a RevocationReason with:
   if 'RevocationReason' in resp:
but the value can be None.
Replace the check with
   if 'RevocationReason' in resp and esp['RevocationReason'] is not None:
as this will execute the code only if there is a value
and it is not None.

Fixes: https://pagure.io/freeipa/issue/8394
Reviewed-By: Fraser Tweedale <ftweedal@redhat.com>
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>

ipaserver/plugins/dogtag.py

@@ -1462,12 +1462,18 @@ class ra(rabase.rabase, RestClient):
 
         # Call CMS
         path = 'certs/{}'.format(serial_number)
-        _http_status, _http_headers, http_body = self._ssldo(
+        try:
-            'GET', path, use_session=False,
+            _http_status, _http_headers, http_body = self._ssldo(
-            headers={
+                'GET', path, use_session=False,
-                'Accept': 'application/json',
+                headers={
-            },
+                    'Accept': 'application/json',
-        )
+                },
+            )
+        except errors.HTTPRequestError as e:
+            self.raise_certificate_operation_error(
+                'get_certificate',
+                detail=e.status  # pylint: disable=no-member
+            )
 
         try:
             resp = json.loads(ipautil.decode_json(http_body))
@@ -1493,7 +1499,7 @@ class ra(rabase.rabase, RestClient):
             cmd_result['serial_number'] = unicode(serial)
             cmd_result['serial_number_hex'] = u'0x%X' % serial
 
-        if 'RevocationReason' in resp:
+        if 'RevocationReason' in resp and resp['RevocationReason'] is not None:
             cmd_result['revocation_reason'] = resp['RevocationReason']
 
         return cmd_result