2 files changed, 20 insertions, 6 deletions

diff --git a/src/leap/config/providerconfig.py b/src/leap/config/providerconfig.py
index 744199f8..eb097034 100644
--- a/src/leap/config/providerconfig.py
+++ b/src/leap/config/providerconfig.py
@@ -21,13 +21,20 @@ Provider configuration
 import logging
 import os
 
-from leap.common.check import leap_assert
+from leap.common.check import leap_check
 from leap.common.config.baseconfig import BaseConfig, LocalizedKey
 from leap.config.provider_spec import leap_provider_spec
 
 logger = logging.getLogger(__name__)
 
 
+class MissingCACert(Exception):
+    """
+    Raised when a CA certificate is needed but not found.
+    """
+    pass
+
+
 class ProviderConfig(BaseConfig):
     """
     Provider configuration abstraction class
@@ -118,6 +125,8 @@ class ProviderConfig(BaseConfig):
     def get_ca_cert_path(self, about_to_download=False):
         """
         Returns the path to the certificate for the current provider.
+        It may raise MissingCACert if
+        the certificate does not exists and not about_to_download
 
         :param about_to_download: defines wether we want the path to
                                   download the cert or not. This helps avoid
@@ -135,8 +144,9 @@ class ProviderConfig(BaseConfig):
                                  "cacert.pem")
 
         if not about_to_download:
-            leap_assert(os.path.exists(cert_path),
-                        "You need to download the certificate first")
+            cert_exists = os.path.exists(cert_path)
+            error_msg = "You need to download the certificate first"
+            leap_check(cert_exists, error_msg, MissingCACert)
             logger.debug("Going to verify SSL against %s" % (cert_path,))
 
         return cert_path
diff --git a/src/leap/services/eip/providerbootstrapper.py b/src/leap/services/eip/providerbootstrapper.py
index 723475b8..bf5938dc 100644
--- a/src/leap/services/eip/providerbootstrapper.py
+++ b/src/leap/services/eip/providerbootstrapper.py
@@ -29,7 +29,7 @@ from PySide import QtCore
 from leap.common.certs import get_digest
 from leap.common.files import check_and_fix_urw_only, get_mtime, mkdir_p
 from leap.common.check import leap_assert, leap_assert_type, leap_check
-from leap.config.providerconfig import ProviderConfig
+from leap.config.providerconfig import ProviderConfig, MissingCACert
 from leap.util.request_helpers import get_content
 from leap.util.constants import REQUEST_TIMEOUT
 from leap.services.abstractbootstrapper import AbstractBootstrapper
@@ -147,8 +147,12 @@ class ProviderBootstrapper(AbstractBootstrapper):
         if mtime:  # the provider.json exists
             provider_config = ProviderConfig()
             provider_config.load(provider_json)
-            uri = provider_config.get_api_uri() + '/provider.json'
-            verify = provider_config.get_ca_cert_path()
+            try:
+                verify = provider_config.get_ca_cert_path()
+                uri = provider_config.get_api_uri() + '/provider.json'
+            except MissingCACert:
+                # get_ca_cert_path fails if the certificate does not exists.
+                pass
 
         logger.debug("Requesting for provider.json... "
                      "uri: {0}, verify: {1}, headers: {2}".format(