279: def verify(name)
280: unless cert = Puppet::SSL::Certificate.find(name)
281: raise ArgumentError, "Could not find a certificate for %s" % name
282: end
283: store = OpenSSL::X509::Store.new
284: store.add_file Puppet[:cacert]
285: store.add_crl crl.content if self.crl
286: store.purpose = OpenSSL::X509::PURPOSE_SSL_CLIENT
287: store.flags = OpenSSL::X509::V_FLAG_CRL_CHECK_ALL|OpenSSL::X509::V_FLAG_CRL_CHECK
288:
289: unless store.verify(cert.content)
290: raise CertificateVerificationError.new(store.error), store.error_string
291: end
292: end