Better reporting of certificate parsing issues #115

Closed
1 of 3 tasks
sgnn7 opened this issue Jul 13, 2020 · 1 comment

Contributor

sgnn7 commented Jul 13, 2020

Summary

Currently, if there is an error in certificate parsing either in the facter or the HFT host manufacturing within the module, the errors are silently eaten and create unhelpful message(s) later down the line when the connection fails. Given that in most cases a problem will result in no certs parsed, we can error out early but we don't.

Dev info:

Steps to Reproduce

Steps to reproduce the behavior:

  1. Set up Puppet w/ self-signed CA cert
  2. Set up clean Windows host ready (don't run agent yet)
  3. Set up Conjur HFTs
  4. Configure all relevant Conjur facts but use a bad ssl_certificate param
  5. Run the agent on the node

Expected Results

Well-formed and descriptive errors that there's a problem parsing the certificate(s)

Actual Results (including error logs, if applicable)

Error about "certificate verification failure"

Reproducible

  • Always
  • Sometimes
  • Non-Reproducible

Version/Tag number

Tested on Puppet 6 and pre-3.0.0 version but this error would be visible on Puppet 5 and any older version as well probably.

Environment setup

Puppet Master: Docker-compose, v6
Puppet Agent: Windows 2012r2 VM in VirtualBox
Conjur Master: Docker-compose, v5

Additional Information

N/A
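
An added illustration of the early failure the summary asks for; it is not the module's own code or the fix that was released. The helper name `parse_cert_bundle`, the `CertificateParseError` class and the sample inputs are hypothetical and constructed for this example.

```ruby
require 'openssl'

# Hypothetical helper, not the module's code: parse a PEM bundle and fail
# early with a descriptive error instead of returning an empty list.
class CertificateParseError < StandardError; end

PEM_BLOCK = /-----BEGIN CERTIFICATE-----.+?-----END CERTIFICATE-----/m

def parse_cert_bundle(pem_text, source: 'ssl_certificate')
  text = pem_text.to_s
  blocks = text.scan(PEM_BLOCK)
  if blocks.empty?
    raise CertificateParseError,
          "#{source}: no PEM certificate blocks found in #{text.bytesize} bytes of input"
  end
  blocks.each_with_index.map do |block, i|
    OpenSSL::X509::Certificate.new(block)
  rescue OpenSSL::X509::CertificateError => e
    raise CertificateParseError,
          "#{source}: certificate #{i + 1} of #{blocks.size} failed to parse: #{e.message}"
  end
end

# Constructed sample input: a throwaway self-signed certificate.
def constructed_self_signed_pem
  key = OpenSSL::PKey::RSA.new(2048)
  cert = OpenSSL::X509::Certificate.new
  cert.version = 2
  cert.serial = 1
  cert.subject = cert.issuer = OpenSSL::X509::Name.parse('/CN=constructed-test-ca')
  cert.public_key = key.public_key
  cert.not_before = Time.now
  cert.not_after = Time.now + 3600
  cert.sign(key, OpenSSL::Digest.new('SHA256'))
  cert.to_pem
end

# Constructed bad input: valid PEM armor around bytes that are not a certificate.
BAD_PEM = "-----BEGIN CERTIFICATE-----\nbm90IGEgY2VydA==\n-----END CERTIFICATE-----\n"

if __FILE__ == $PROGRAM_NAME
  good = constructed_self_signed_pem
  puts "parsed #{parse_cert_bundle(good).size} certificate(s)"
  begin
    parse_cert_bundle(good + BAD_PEM)
  rescue CertificateParseError => e
    warn e.message
  end
end
```

Raising at parse time names the offending parameter and the position of the bad block, so the failure is not first seen as a TLS verification error at connection time.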

Contributor Author

sgnn7 commented Sep 11, 2020

Released with v3.0.0rc3. Closing.

sgnn7 closed this as completed Sep 11, 2020