From 788703ce12b9e3783fe6cd3ce00d3ebf98caf9e3 Mon Sep 17 00:00:00 2001
From: sayali <scharhate@netflix.com>
Date: Tue, 20 Oct 2020 16:43:57 -0700
Subject: [PATCH 1/2] Fix cert reissue when L/OU is not set
 get_certificate_primitives complains with None L/OU

---
 lemur/certificates/schemas.py | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/lemur/certificates/schemas.py b/lemur/certificates/schemas.py
index cc0a607e..77f49c9b 100644
--- a/lemur/certificates/schemas.py
+++ b/lemur/certificates/schemas.py
@@ -353,6 +353,12 @@ class CertificateOutputSchema(LemurOutputSchema):
                 data.pop("organization", None)
                 data.pop("organizational_unit", None)
 
+        # Removing optional fields if None, else it complains in de-serialization
+        if "location" in data and data["location"] is None:
+            data.pop("location")
+        if "organizational_unit" in data and data["organizational_unit"] is None:
+            data.pop("organizational_unit")
+
 
 class CertificateShortOutputSchema(LemurOutputSchema):
     id = fields.Integer()

From 01dddd2a557286cbf8ecf1229ec5ed51518fd65f Mon Sep 17 00:00:00 2001
From: sayali <scharhate@netflix.com>
Date: Tue, 20 Oct 2020 17:17:28 -0700
Subject: [PATCH 2/2] iterate over subject details

---
 lemur/certificates/schemas.py | 18 ++++++++----------
 1 file changed, 8 insertions(+), 10 deletions(-)

diff --git a/lemur/certificates/schemas.py b/lemur/certificates/schemas.py
index 77f49c9b..3dc864e7 100644
--- a/lemur/certificates/schemas.py
+++ b/lemur/certificates/schemas.py
@@ -340,6 +340,8 @@ class CertificateOutputSchema(LemurOutputSchema):
 
     @post_dump
     def handle_subject_details(self, data):
+        subject_details = ["country", "state", "location", "organization", "organizational_unit"]
+
         # Remove subject details if authority is CA/Browser Forum compliant. The code will use default set of values in that case.
         # If CA/Browser Forum compliance of an authority is unknown (None), it is safe to fallback to default values. Thus below
         # condition checks for 'not False' ==> 'True or None'
@@ -347,17 +349,13 @@ class CertificateOutputSchema(LemurOutputSchema):
             is_cab_compliant = data.get("authority").get("isCabCompliant")
 
             if is_cab_compliant is not False:
-                data.pop("country", None)
-                data.pop("state", None)
-                data.pop("location", None)
-                data.pop("organization", None)
-                data.pop("organizational_unit", None)
+                for field in subject_details:
+                    data.pop(field, None)
 
-        # Removing optional fields if None, else it complains in de-serialization
-        if "location" in data and data["location"] is None:
-            data.pop("location")
-        if "organizational_unit" in data and data["organizational_unit"] is None:
-            data.pop("organizational_unit")
+        # Removing subject fields if None, else it complains in de-serialization
+        for field in subject_details:
+            if field in data and data[field] is None:
+                data.pop(field)
 
 
 class CertificateShortOutputSchema(LemurOutputSchema):