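# Record the file locations and options for one certificate and make sure the
# directories that will hold the certificate and its private key exist.
#
# @param hash [Hash] options. :name (the certificate common name) is required.
#   Optional keys read here: :cert, :dir, :key, :ttl, :selfsign, :encrypt,
#   :replace, :issuer, :type (:ca, :client or :server; defaults to :client) and
#   the subject fields :state, :country, :email, :org and :ou.
# @raise [Puppet::Error] if :name is missing, or if :encrypt is set to anything
#   other than an absolute path to a pass phrase file.
# @raise [RuntimeError] if :type is not one of :ca, :client or :server.
def initialize(hash)
  raise Puppet::Error, "You must specify the common name for the certificate" unless hash.include?(:name)
  @name = hash[:name]
  # NOTE(review): @name is joined into the certificate and key paths below
  # without validation; confirm callers only pass a trusted common name
  # (no path separators or "..").

  @cert = @key = @csr = nil

  if hash.include?(:cert)
    @certfile = hash[:cert]
    @dir = File.dirname(@certfile)
  else
    @dir = hash[:dir] || Puppet[:certdir]
    @certfile = File.join(@dir, @name)
  end

  @cacertfile ||= File.join(Puppet[:certdir], "ca.pem")

  Puppet.recmkdir(@dir) unless FileTest.directory?(@dir)

  # Anchor with \z, not $: $ also matches before an embedded newline, so a
  # multi-line value could be taken for a name that already ends in ".pem".
  @certfile += ".pem" unless @certfile =~ /\.pem\z/

  @keyfile = hash[:key] || File.join(
    Puppet[:privatekeydir], [@name, "pem"].join(".")
  )

  # NOTE(review): the private key directory is created with whatever mode
  # Puppet.recmkdir applies by default; confirm it is not readable by others.
  keydir = File.dirname(@keyfile)
  Puppet.recmkdir(keydir) unless FileTest.directory?(keydir)

  @ttl = hash[:ttl] || 365 * 24 * 60 * 60
  @encrypt = hash[:encrypt] || false
  @replace = hash[:replace] || false
  @issuer = hash[:issuer] || nil
  # false when :selfsign is absent, otherwise the value the caller supplied.
  @selfsign = hash.include?(:selfsign) && hash[:selfsign]

  if hash.include?(:type)
    case hash[:type]
    when :ca, :client, :server then @type = hash[:type]
    else
      raise "Invalid Cert type #{hash[:type]}"
    end
  else
    @type = :client
  end

  @params = {:name => @name}
  [:state, :country, :email, :org, :ou].each { |param|
    @params[param] = hash[param] if hash.include?(param)
  }

  if @encrypt
    # Require a String whose very first character is "/". The \A anchor (rather
    # than ^) stops a value with an embedded newline from passing the check, and
    # the type guard makes a non-String value fail with Puppet::Error.
    unless @encrypt.is_a?(String) && @encrypt =~ /\A\//
      raise Puppet::Error, ":encrypt must be a path to a pass phrase file"
    end
    # The pass phrase is kept in memory in @password for the object's lifetime.
    @password = File.open(@encrypt) { |f| f.read.chomp }
  else
    @password = nil
  end
end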