From ba0e03d45478ac8d3bca3d00e4ee8118185ad2b8 Mon Sep 17 00:00:00 2001
From: Jarrod Johnson <jjohnson2@lenovo.com>
Date: Mon, 29 Jan 2018 14:17:01 -0500
Subject: [PATCH] Provide a catchall for general certificate mismatch

Beyond the special partial cases for firmware/hardware inventory,
provide a catchall for invalid public keys and a message for it.
---
 .../confluent/plugins/hardwaremanagement/ipmi.py             | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/confluent_server/confluent/plugins/hardwaremanagement/ipmi.py b/confluent_server/confluent/plugins/hardwaremanagement/ipmi.py
index 5003f252..93e689b4 100644
--- a/confluent_server/confluent/plugins/hardwaremanagement/ipmi.py
+++ b/confluent_server/confluent/plugins/hardwaremanagement/ipmi.py
@@ -350,6 +350,11 @@ def perform_request(operator, node, element,
                 raise
         except exc.TargetEndpointUnreachable as tu:
             results.put(msg.ConfluentTargetTimeout(node, str(tu)))
+        except exc.PubkeyInvalid:
+            results.put(msg.ConfluentNodeError(
+                node,
+                'Mismatch detected between target certificate fingerprint '
+                'and pubkeys.tls_hardwaremanager attribute'))
         except Exception as e:
             results.put(e)
         finally: