# File lib/puppet/ssl/certificate_revocation_list.rb, line 26 26: def generate(cert, cakey) 27: Puppet.info "Creating a new certificate revocation list" 28: @content = wrapped_class.new 29: @content.issuer = cert.subject 30: @content.version = 1 31: 32: # Init the CRL number. 33: crlNum = OpenSSL::ASN1::Integer(0) 34: @content.extensions = [OpenSSL::X509::Extension.new("crlNumber", crlNum)] 35: 36: # Set last/next update 37: @content.last_update = Time.now 38: # Keep CRL valid for 5 years 39: @content.next_update = Time.now + 5 * 365*24*60*60 40: 41: @content.sign(cakey, OpenSSL::Digest::SHA1.new) 42: 43: @content 44: end