RavenDB-22990 fix NRE at WhoAmI when cert is invalid

src/Raven.Server/Web/Authentication/AdminCertificatesHandler.cs

@@ -679,6 +679,11 @@ public async Task WhoAmI()
                         };
                         certificate = ctx.ReadObject(wellKnownCertDef.ToJson(), "WellKnown/Certificate/Definition");
                     }
+                    else
+                    {
+                        NoContentStatus();
+                        return;
+                    }
                 }
 
                 await using (var writer = new AsyncBlittableJsonTextWriter(ctx, ResponseBodyStream()))

test/SlowTests/Issues/RavenDB-19951.cs

@@ -269,6 +269,23 @@ await store.Maintenance.Server.SendAsync(new EditClientCertificateOperation(new
         }
     }
 
+    [RavenFact(RavenTestCategory.Security)]
+    public async Task CanAccessWhoAmIWithBadCertificate()
+    {
+        var certificates = Certificates.SetupServerAuthentication();
+        var adminCert = Certificates.RegisterClientCertificate(certificates.ServerCertificate.Value, certificates.ClientCertificate1.Value, new Dictionary<string, DatabaseAccess>(), SecurityClearance.ClusterAdmin);
+        var userCert = certificates.ClientCertificate2.Value;
+
+        using (var store = GetDocumentStore(new Options
+               {
+                   AdminCertificate = adminCert, 
+                   ClientCertificate = userCert
+               }))
+        {
+            var client = new TwoFactorClient(store, userCert);
+            await client.WhoAmIRequest();
+        }
+    }
 
     class TwoFactorClient : IDisposable
     {