New: Add exception to SSL Certificate validation message

(cherry picked from commit d84c4500949a530fac92d73f7f2f8e8462b37244)

src/Prowlarr.Api.V1/Config/CertificateValidator.cs

@@ -0,0 +1,52 @@
+using System.Security.Cryptography;
+using System.Security.Cryptography.X509Certificates;
+using FluentValidation;
+using FluentValidation.Validators;
+using NLog;
+using NzbDrone.Common.Instrumentation;
+
+namespace Prowlarr.Api.V1.Config
+{
+    public static class CertificateValidation
+    {
+        public static IRuleBuilderOptions<T, string> IsValidCertificate<T>(this IRuleBuilder<T, string> ruleBuilder)
+        {
+            return ruleBuilder.SetValidator(new CertificateValidator());
+        }
+    }
+
+    public class CertificateValidator : PropertyValidator
+    {
+        protected override string GetDefaultMessageTemplate() => "Invalid SSL certificate file or password. {message}";
+
+        private static readonly Logger Logger = NzbDroneLogger.GetLogger(typeof(CertificateValidator));
+
+        protected override bool IsValid(PropertyValidatorContext context)
+        {
+            if (context.PropertyValue == null)
+            {
+                return false;
+            }
+
+            if (context.InstanceToValidate is not HostConfigResource resource)
+            {
+                return true;
+            }
+
+            try
+            {
+                new X509Certificate2(resource.SslCertPath, resource.SslCertPassword, X509KeyStorageFlags.DefaultKeySet);
+
+                return true;
+            }
+            catch (CryptographicException ex)
+            {
+                Logger.Debug(ex, "Invalid SSL certificate file or password. {0}", ex.Message);
+
+                context.MessageFormatter.AppendArgument("message", ex.Message);
+
+                return false;
+            }
+        }
+    }
+}

src/Prowlarr.Api.V1/Config/HostConfigController.cs

@@ -1,7 +1,6 @@
 using System.IO;
 using System.Linq;
 using System.Reflection;
-using System.Security.Cryptography.X509Certificates;
 using FluentValidation;
 using Microsoft.AspNetCore.Mvc;
 using NzbDrone.Common.Extensions;
@@ -61,7 +60,7 @@ public HostConfigController(IConfigFileProvider configFileProvider,
                 .NotEmpty()
                 .IsValidPath()
                 .SetValidator(fileExistsValidator)
-                .Must((resource, path) => IsValidSslCertificate(resource)).WithMessage("Invalid SSL certificate file or password")
+                .IsValidCertificate()
                 .When(c => c.EnableSsl);
 
             SharedValidator.RuleFor(c => c.LogSizeLimit).InclusiveBetween(1, 10);
@@ -74,21 +73,6 @@ public HostConfigController(IConfigFileProvider configFileProvider,
             SharedValidator.RuleFor(c => c.BackupRetention).InclusiveBetween(1, 90);
         }
 
-        private bool IsValidSslCertificate(HostConfigResource resource)
-        {
-            X509Certificate2 cert;
-            try
-            {
-                cert = new X509Certificate2(resource.SslCertPath, resource.SslCertPassword, X509KeyStorageFlags.DefaultKeySet);
-            }
-            catch
-            {
-                return false;
-            }
-
-            return cert != null;
-        }
-
         private bool IsMatchingPassword(HostConfigResource resource)
         {
             var user = _userService.FindUser();