diff --git a/acertmgr/__init__.py b/acertmgr/__init__.py
index 7e30be3..9d288dc 100755
--- a/acertmgr/__init__.py
+++ b/acertmgr/__init__.py
@@ -95,7 +95,7 @@ def cert_get(settings):
             crt_final = settings['cert_file']
             shutil.copy2(crt_file, crt_final)
             os.chmod(crt_final, stat.S_IREAD)
-            if "static_ca" in settings and not settings['static_ca']:
+            if "static_ca" in settings and not settings['static_ca'] and ca is not None:
                 with io.open(settings['ca_file'], "w") as ca_fd:
                     ca_fd.write(tools.convert_cert_to_pem(ca))
     finally:
diff --git a/acertmgr/tools.py b/acertmgr/tools.py
index 29199d4..d11c1b2 100644
--- a/acertmgr/tools.py
+++ b/acertmgr/tools.py
@@ -118,11 +118,17 @@ def download_issuer_ca(cert):
             break
 
     if not ca_issuers:
-        raise Exception("Could not determine issuer CA for given certificate: {}".format(cert))
+        print("Could not determine issuer CA for given certificate: {}".format(cert))
+        return None
 
     print("Downloading CA certificate from {}".format(ca_issuers))
-    cadata = get_url(ca_issuers).read()
-    return x509.load_der_x509_certificate(cadata, default_backend())
+    resp = get_url(ca_issuers)
+    code = resp.getcode()
+    if  code >= 400:
+        print("Could not download issuer CA (error {}) for given certificate: {}".format(code, cert))
+        return None
+
+    return x509.load_der_x509_certificate(resp.read(), default_backend())
 
 
 # @brief convert certificate to PEM format