Fix panic when getting certificates with non-existing store

Co-authored-by: Tom Moulard <tom.moulard@traefik.io>

pkg/tls/tlsmanager.go

@@ -171,6 +171,13 @@ func (m *Manager) Get(storeName, configName string) (*tls.Config, error) {
 			return nil, nil
 		}
 
+		if store == nil {
+			log.WithoutContext().Errorf("TLS: No certificate store found with this name: %q, closing connection", storeName)
+
+			// Same comment as above, as in the isACMETLS case.
+			return nil, nil
+		}
+
 		log.WithoutContext().Debugf("Serving default certificate for request: %q", domainToCheck)
 		return store.DefaultCertificate, nil
 	}

pkg/tls/tlsmanager_test.go

@@ -171,6 +171,36 @@ func TestManager_Get(t *testing.T) {
 	}
 }
 
+func TestManager_Get_GetCertificate(t *testing.T) {
+	testCases := []struct {
+		desc                 string
+		expectedGetConfigErr require.ErrorAssertionFunc
+		expectedCertificate  assert.ValueAssertionFunc
+	}{
+		{
+			desc:                 "Get a default certificate from non-existing store",
+			expectedGetConfigErr: require.Error,
+			expectedCertificate:  assert.Nil,
+		},
+	}
+
+	tlsManager := NewManager()
+
+	for _, test := range testCases {
+		test := test
+		t.Run(test.desc, func(t *testing.T) {
+			t.Parallel()
+
+			config, err := tlsManager.Get("default", "foo")
+			test.expectedGetConfigErr(t, err)
+
+			certificate, err := config.GetCertificate(&tls.ClientHelloInfo{})
+			require.NoError(t, err)
+			test.expectedCertificate(t, certificate)
+		})
+	}
+}
+
 func TestClientAuth(t *testing.T) {
 	tlsConfigs := map[string]Options{
 		"eca": {