# File lib/puppet/sslcertificates/ca.rb, line 156
156:     def mkrootcert
157:         # Make the root cert's name the FQDN of the host running the CA.
158:         name = Facter["hostname"].value
159:         if domain = Facter["domain"].value
160:             name += "." + domain
161:         end
162:         cert = Certificate.new(
163:             :name => name,
164:             :cert => @config[:cacert],
165:             :encrypt => @config[:capass],
166:             :key => @config[:cakey],
167:             :selfsign => true,
168:             :ttl => ttl,
169:             :type => :ca
170:         )
171: 
172:         # This creates the cakey file
173:         Puppet::Util::SUIDManager.asuser(Puppet[:user], Puppet[:group]) do
174:             @cert = cert.mkselfsigned
175:         end
176:         Puppet.settings.write(:cacert) do |f|
177:             f.puts @cert.to_pem
178:         end
179:         Puppet.settings.write(:capub) do |f|
180:             f.puts @cert.public_key
181:         end
182:         return cert
183:     end