# File lib/puppet/ssl/host.rb, line 168
168:     def certificate
169:         unless @certificate
170:             generate_key unless key
171: 
172:             # get the CA cert first, since it's required for the normal cert
173:             # to be of any use.
174:             return nil unless Certificate.find("ca") unless ca?
175:             return nil unless @certificate = Certificate.find(name)
176: 
177:             unless certificate_matches_key?
178:                 raise Puppet::Error, "Retrieved certificate does not match private key; please remove certificate from server and regenerate it with the current key"
179:             end
180:         end
181:         @certificate
182:     end