From 0f084772ad349055d09a9b225a95d62e39262edf Mon Sep 17 00:00:00 2001 From: "Endi S. Dewata" Date: Wed, 26 Jul 2023 10:39:37 -0500 Subject: [PATCH] Update log messages in PKIDeployer --- .../python/pki/server/deployment/__init__.py | 20 +++++++++++++------ 1 file changed, 14 insertions(+), 6 deletions(-) diff --git a/base/server/python/pki/server/deployment/__init__.py b/base/server/python/pki/server/deployment/__init__.py index ab5038d2061..b4d4e0f6110 100644 --- a/base/server/python/pki/server/deployment/__init__.py +++ b/base/server/python/pki/server/deployment/__init__.py @@ -572,8 +572,11 @@ def import_server_pkcs12(self, subsystem): pki_server_pkcs12_path = self.mdict['pki_server_pkcs12_path'] if not pki_server_pkcs12_path: + # no PKCS #12 file to import return + logger.info('Importing certs and keys from %s', pki_server_pkcs12_path) + pki_server_pkcs12_password = self.mdict['pki_server_pkcs12_password'] if not pki_server_pkcs12_password: raise Exception('Missing pki_server_pkcs12_password property') @@ -618,12 +621,13 @@ def import_clone_pkcs12(self, subsystem): ''' pki_clone_pkcs12_path = self.mdict['pki_clone_pkcs12_path'] - if not pki_clone_pkcs12_path: + # no PKCS #12 file to import return - pki_clone_pkcs12_password = self.mdict['pki_clone_pkcs12_password'] + logger.info('Importing certs and keys from %s', pki_clone_pkcs12_path) + pki_clone_pkcs12_password = self.mdict['pki_clone_pkcs12_password'] if not pki_clone_pkcs12_password: raise Exception('Missing pki_clone_pkcs12_password property') @@ -645,8 +649,6 @@ def import_clone_pkcs12(self, subsystem): password_file=pki_shared_pfile) try: - logger.info('Importing certificates from %s:', pki_clone_pkcs12_path) - # The PKCS12 class requires an NSS database to run. For simplicity # it uses the NSS database that has just been created. pkcs12 = pki.pkcs12.PKCS12( 
@@ -1883,10 +1885,16 @@ def import_system_cert_request(self, subsystem, tag):
 cert_id = self.get_cert_id(subsystem, tag)
 csr_path = self.mdict.get('pki_%s_csr_path' % cert_id)
- if not csr_path or not os.path.exists(csr_path):
+ if not csr_path:
+ # no CSR file to import
 return
- logger.info('Importing %s CSR from %s', tag, csr_path)
+ logger.info('Importing CSR for %s from %s', tag, csr_path)
+
+ b64_csr = subsystem.config.get('%s.%s.certreq' % (subsystem.name, tag))
+ if b64_csr:
+ logger.error('CSR for %s already exists', tag)
+ raise Exception('CSR for %s already exists' % tag)
 with open(csr_path, encoding='utf-8') as f:
 csr_data = f.read()
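Review bot: Dropping `os.path.exists(csr_path)` from the guard in import_system_cert_request changes behaviour, not just logging: a configured CSR path that points at a missing file used to return silently and now reaches `open(csr_path, encoding='utf-8')` and fails with a bare FileNotFoundError, which the commit title does not mention. Failing closed on a bad path is reasonable for a deployment step, but an explicit check before the open would give the operator a clearer message, e.g. `if not os.path.exists(csr_path): raise Exception('CSR file not found: %s' % csr_path)`. The new already-exists branch calls `logger.error(...)` and then raises with the same text, so the message will probably appear twice if the caller also logs the exception; raising alone would be enough. The function body continues past the end of this hunk, so how the exception is handled further up is not visible here.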