mkrootcert (Puppet::SSLCertificates::CA)

     # File lib/puppet/sslcertificates/ca.rb, line 149
149:   def mkrootcert
150:     # Make the root cert's name "Puppet CA: " plus the FQDN of the host running the CA.
151:     name = "Puppet CA: #{Facter["hostname"].value}"
152:     if domain = Facter["domain"].value
153:       name += ".#{domain}"
154:     end
155: 
156:     cert = Certificate.new(
157:       :name => name,
158:       :cert => @config[:cacert],
159:       :encrypt => @config[:capass],
160:       :key => @config[:cakey],
161:       :selfsign => true,
162:       :ttl => ttl,
163:       :type => :ca
164:     )
165: 
166:     # This creates the cakey file
167:     Puppet::Util::SUIDManager.asuser(Puppet[:user], Puppet[:group]) do
168:       @cert = cert.mkselfsigned
169:     end
170:     Puppet.settings.write(:cacert) do |f|
171:       f.puts @cert.to_pem
172:     end
173:     Puppet.settings.write(:capub) do |f|
174:       f.puts @cert.public_key
175:     end
176:     cert
177:   end