Class: Puppet::SSL::Certificate

Inherits:

Base

Object
Base
Puppet::SSL::Certificate

show all

Extended by:: Indirector

Defined in:: lib/puppet/ssl/certificate.rb

Overview

Manage certificates themselves. This class has no ‘generate’ method because the CA is responsible for turning CSRs into certificates; we can only retrieve them from the CA (or not, as is often the case).

Defined Under Namespace

Classes: Ca, DisabledCa, File, Rest

Constant Summary

Constants included from Indirector

Indirector::BadNameRegexp

Constants inherited from Base

Base::SEPARATOR, Base::VALID_CERTNAME

Instance Attribute Summary

Attributes inherited from Base

#content, #name

Class Method Summary collapse

.supported_formats ⇒ Object

Because of how the format handler class is included, this can’t be in the base class.

Instance Method Summary collapse

#custom_extensions ⇒ Array<Hash{String => String}>

Any extensions registered with custom OIDs as defined in module Puppet::SSL::Oids may be looked up here.
#expiration ⇒ Object
#subject_alt_names ⇒ Object
#unmunged_name ⇒ Object

This name is what gets extracted from the subject before being passed to the constructor, so it’s not downcased.

Methods included from Indirector

configure_routes, indirects

Methods inherited from Base

#ca?, #digest, #digest_algorithm, #fingerprint, from_instance, from_multiple_s, from_s, #generate, #initialize, name_from_subject, #read, #to_data_hash, to_multiple_s, #to_s, #to_text, validate_certname, wrapped_class, wraps

Constructor Details

This class inherits a constructor from Puppet::SSL::Base

Class Method Details

.supported_formats ⇒ `Object`

Because of how the format handler class is included, this can’t be in the base class.



20
21
22

# File 'lib/puppet/ssl/certificate.rb', line 20

def self.supported_formats
  [:s]
end

Instance Method Details

#custom_extensions ⇒ `Array<Hash{String => String}>`

Any extensions registered with custom OIDs as defined in module Puppet::SSL::Oids may be looked up here.

A cert with a ‘pp_uuid’ extension having the value ‘abcd’ would return:

{ ‘oid’ => ‘pp_uuid’, ‘value’ => ‘abcd’}: with key/value pairs for the extension’s oid, and its value.

Returns:

(Array<Hash{String => String}>) —

An array of two element hashes,

# File 'lib/puppet/ssl/certificate.rb', line 50

def custom_extensions
  custom_exts = content.extensions.select do |ext|
    Puppet::SSL::Oids.subtree_of?('ppRegCertExt', ext.oid) or
      Puppet::SSL::Oids.subtree_of?('ppPrivCertExt', ext.oid)
  end

  custom_exts.map do |ext|
    {'oid' => ext.oid, 'value' => get_ext_val(ext.oid)}
  end
end

#expiration ⇒ `Object`

# File 'lib/puppet/ssl/certificate.rb', line 30

def expiration
  return nil unless content
  content.not_after
end

#subject_alt_names ⇒ `Object`

# File 'lib/puppet/ssl/certificate.rb', line 24

def subject_alt_names
  alts = content.extensions.find{|ext| ext.oid == "subjectAltName"}
  return [] unless alts
  alts.value.split(/\s*,\s*/)
end

#unmunged_name ⇒ `Object`

This name is what gets extracted from the subject before being passed to the constructor, so it’s not downcased



37
38
39

# File 'lib/puppet/ssl/certificate.rb', line 37

def unmunged_name
  self.class.name_from_subject(content.subject)
end