245: def sign(hostname, cert_type = :server, self_signing_csr = nil)
246:
247: if self_signing_csr
248: csr = self_signing_csr
249: issuer = csr.content
250: else
251: unless csr = Puppet::SSL::CertificateRequest.find(hostname)
252: raise ArgumentError, "Could not find certificate request for %s" % hostname
253: end
254: issuer = host.certificate.content
255: end
256:
257: cert = Puppet::SSL::Certificate.new(hostname)
258: cert.content = Puppet::SSL::CertificateFactory.new(cert_type, csr.content, issuer, next_serial).result
259: cert.content.sign(host.key.content, OpenSSL::Digest::SHA1.new)
260:
261: Puppet.notice "Signed certificate request for %s" % hostname
262:
263:
264:
265:
266: inventory.add(cert)
267:
268:
269:
270: cert.save
271:
272:
273: Puppet::SSL::CertificateRequest.destroy(csr.name) unless self_signing_csr
274:
275: return cert
276: end