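# Set up the file locations and options for a certificate; nothing is
# generated or loaded here (@cert, @key and @csr start out nil).
#
# Recognised keys in +hash+:
#   :name     (required) common name for the certificate
#   :cert     path of the certificate file; its directory becomes @dir
#   :dir      directory for the certificate when :cert is not given
#             (defaults to Puppet[:certdir])
#   :key      path of the private key file (defaults to
#             Puppet[:privatekeydir]/<name>.pem)
#   :ttl      defaults to 365 * 24 * 60 * 60
#   :selfsign, :replace, :issuer
#   :encrypt  absolute path of a file holding the key pass phrase
#   :type     one of :ca, :client, :server (defaults to :client)
#   :state, :country, :email, :org, :ou  copied into @params when present
#
# Raises Puppet::Error when :name is missing or :encrypt is not an absolute
# path, and a RuntimeError for an unknown :type.
def initialize(hash)
  unless hash.include?(:name)
    raise Puppet::Error, "You must specify the common name for the certificate"
  end
  # NOTE(review): @name is joined into file paths below exactly as given; this
  # method does not check it for path separators or "..". Presumably callers
  # validate it -- confirm.
  @name = hash[:name]

  @cert = @key = @csr = nil

  if hash.include?(:cert)
    @certfile = hash[:cert]
    @dir = File.dirname(@certfile)
  else
    @dir = hash[:dir] || Puppet[:certdir]
    @certfile = File.join(@dir, @name)
  end

  @cacertfile ||= File.join(Puppet[:certdir], "ca.pem")

  # The original checked and created @dir twice; once is enough.
  Puppet.recmkdir(@dir) unless FileTest.directory?(@dir)

  # \z rather than $: "$" also matches before a trailing newline, so a value
  # ending in ".pem\n" would have been treated as already carrying the suffix.
  @certfile += ".pem" unless @certfile =~ /\.pem\z/

  @keyfile = hash[:key] || File.join(
    Puppet[:privatekeydir], [@name, "pem"].join(".")
  )

  # NOTE(review): the permissions Puppet.recmkdir applies are not visible
  # here -- confirm the private key directory is not created world-readable.
  keydir = File.dirname(@keyfile)
  Puppet.recmkdir(keydir) unless FileTest.directory?(keydir)

  @ttl = hash[:ttl] || 365 * 24 * 60 * 60
  @encrypt = hash[:encrypt] || false
  @replace = hash[:replace] || false
  @issuer = hash[:issuer] || nil
  # Same final value as the original, which assigned @selfsign twice.
  @selfsign = hash.include?(:selfsign) ? hash[:selfsign] : false

  if hash.include?(:type)
    case hash[:type]
    when :ca, :client, :server then @type = hash[:type]
    else
      raise "Invalid Cert type %s" % hash[:type]
    end
  else
    @type = :client
  end

  @params = {:name => @name}
  [:state, :country, :email, :org, :ou].each do |param|
    @params[param] = hash[param] if hash.include?(param)
  end

  if @encrypt
    # \A rather than ^: "^" matches at the start of any line, so a multi-line
    # value such as "relative\n/x" passed the absolute-path check and was then
    # opened as a relative path.
    unless @encrypt =~ /\A\//
      raise Puppet::Error, ":encrypt must be a path to a pass phrase file"
    end
    # The pass phrase stays in memory in @password for the object's lifetime.
    File.open(@encrypt) { |f| @password = f.read.chomp }
  else
    @password = nil
  end
end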