Class: Puppet::SSL::StateMachine::NeedSubmitCSR Private

Inherits:

KeySSLState

Object
SSLState
KeySSLState
Puppet::SSL::StateMachine::NeedSubmitCSR

show all

Defined in:: lib/puppet/ssl/state_machine.rb

Overview

This class is part of a private API. You should avoid using this class if possible, as it may be removed or be changed in the future.

Generate and submit a CSR using the CA cert bundle and optional CRL bundle from earlier states. If the request is submitted, proceed to NeedCert, otherwise Wait. This could be due to the server already having a CSR for this host (either the same or different CSR content), having a signed certificate, or a revoked certificate.

Instance Attribute Summary

Attributes inherited from KeySSLState

#private_key

Attributes inherited from SSLState

#ssl_context

Instance Method Summary collapse

#next_state ⇒ Object private

Methods inherited from KeySSLState

#initialize

Methods inherited from SSLState

#initialize, #log_error, #to_error

Constructor Details

This class inherits a constructor from Puppet::SSL::StateMachine::KeySSLState

Instance Method Details

#next_state ⇒ `Object`

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

# File 'lib/puppet/ssl/state_machine.rb', line 315

def next_state
  Puppet.debug(_("Generating and submitting a CSR"))

  csr = @cert_provider.create_request(Puppet[:certname], @private_key)
  route = @machine.session.route_to(:ca, ssl_context: @ssl_context)
  route.put_certificate_request(Puppet[:certname], csr, ssl_context: @ssl_context)
  @cert_provider.save_request(Puppet[:certname], csr)
  NeedCert.new(@machine, @ssl_context, @private_key)
rescue Puppet::HTTP::ResponseError => e
  if e.response.code == 400
    NeedCert.new(@machine, @ssl_context, @private_key)
  else
    to_error(_("Failed to submit the CSR, HTTP response was %{code}") % { code: e.response.code }, e)
  end
end