# Build the self-signed root (CA) certificate for this host and write the
# certificate and its public key to the files named by the :cacert and
# :capub settings.
#
# The subject name is the "hostname" fact, with ".<domain>" appended when
# the "domain" fact has a value.
#
# NOTE(review): nothing in this method checks whether a CA certificate
# already exists; the files behind :cacert and :capub are written
# unconditionally. Callers presumably guard against regenerating a live
# CA -- confirm.
#
# @return [Certificate] the Certificate wrapper built here. The signed
#   certificate itself (the result of mkselfsigned) is kept in @cert.
def mkrootcert
  fqdn = Facter["hostname"].value
  domain_part = Facter["domain"].value
  fqdn += "." + domain_part if domain_part

  # :encrypt receives @config[:capass]; presumably this is what protects
  # the CA private key at rest -- verify against Certificate.
  ca_cert = Certificate.new(
    :name => fqdn,
    :cert => @config[:cacert],
    :encrypt => @config[:capass],
    :key => @config[:cakey],
    :selfsign => true,
    :ttl => ttl,
    :type => :ca
  )

  # Self-signing runs under Puppet[:user]/Puppet[:group] rather than the
  # caller's identity; presumably so anything created while signing is
  # owned by the service account instead of root -- confirm.
  Puppet::Util::SUIDManager.asuser(Puppet[:user], Puppet[:group]) { @cert = ca_cert.mkselfsigned }

  # Only public material is written here: the PEM certificate and the
  # public key. File mode and ownership are decided by
  # Puppet.settings.write, not by this method.
  Puppet.settings.write(:cacert) { |f| f.puts @cert.to_pem }
  Puppet.settings.write(:capub) { |f| f.puts @cert.public_key }

  ca_cert
end