Don't persist the server cert until pairing is successful

Fixes #484

app/backend/nvpairingmanager.cpp

@@ -238,17 +238,18 @@ NvPairingManager::pair(QString appVersion, QString pin, QSslCertificate& serverC
         return PairState::ALREADY_IN_PROGRESS;
     }
 
-    serverCert = QSslCertificate(serverCertStr);
+    QSslCertificate unverifiedServerCert = QSslCertificate(serverCertStr);
-    if (serverCert.isNull()) {
+    if (unverifiedServerCert.isNull()) {
-        Q_ASSERT(!serverCert.isNull());
+        Q_ASSERT(!unverifiedServerCert.isNull());
 
         qCritical() << "Failed to parse plaincert";
         m_Http.openConnectionToString(m_Http.m_BaseUrlHttp, "unpair", nullptr, REQUEST_TIMEOUT_MS);
         return PairState::FAILED;
     }
 
-    // Pin this cert for TLS
+    // Pin this cert for TLS until pairing is complete. If successful, we will propagate
-    m_Http.setServerCert(serverCert);
+    // the cert into the NvComputer object and persist it.
+    m_Http.setServerCert(unverifiedServerCert);
 
     QByteArray randomChallenge = generateRandomBytes(16);
     QByteArray encryptedChallenge = encrypt(randomChallenge, aesKey);
@@ -353,5 +354,6 @@ NvPairingManager::pair(QString appVersion, QString pin, QSslCertificate& serverC
         return PairState::FAILED;
     }
 
+    serverCert = std::move(unverifiedServerCert);
     return PairState::PAIRED;
 }