# File lib/puppet/network/client/ca.rb, line 18
18:     def request_cert
19:         Puppet.settings.use(:main, :ssl)
20: 
21:         if cert = read_cert
22:             return cert
23:         end
24: 
25:         begin
26:             cert, cacert = @driver.getcert(csr.to_pem)
27:         rescue => detail
28:             if Puppet[:trace]
29:                 puts detail.backtrace
30:             end
31:             raise Puppet::Error.new("Certificate retrieval failed: %s" % detail)
32:         end
33: 
34:         if cert.nil? or cert == ""
35:             return nil
36:         end
37: 
38:         begin
39:             @cert = OpenSSL::X509::Certificate.new(cert)
40:             @cacert = OpenSSL::X509::Certificate.new(cacert)
41:         rescue => detail
42:             raise InvalidCertificate.new(
43:                 "Invalid certificate: %s" % detail
44:             )
45:         end
46: 
47:         unless @cert.check_private_key(key)
48:             raise InvalidCertificate, "Certificate does not match private key.  Try 'puppetca --clean %s' on the server." % Puppet[:certname]
49:         end
50: 
51:         # Only write the cert out if it passes validating.
52:         Puppet.settings.write(:hostcert) do |f| f.print cert end
53:         Puppet.settings.write(:localcacert) do |f| f.print cacert end
54: 
55:         return @cert
56:     end