Class: PEClient::Resource::PuppetCAV1::CertificateStatus

Inherits:

Base

• Object
• Base
• PEClient::Resource::PuppetCAV1::CertificateStatus

Defined in:

lib/pe_client/resources/puppet_ca.v1/certificate_status.rb

Overview

The certificate_status endpoint allows a client to read or alter the status of a certificate or pending certificate request.

See Also:

• https://help.puppet.com/core/current/Content/PuppetCore/server/http_api/http_certificate_request.htm

Constant Summary

BASE_PATH =

The base path for Puppet CA API v1 Certificate Status endpoints.

"#{PuppetCAV1::BASE_PATH}/certificate_status".freeze

Instance Method Summary

• #delete(hostname) ⇒ String

  Cause the certificate authority to discard all SSL information regarding a host (including any certificates, certificate requests, and keys).

• #get(certname) ⇒ Hash

  Retrieve information about the specified certificate.

• #list(state: nil) ⇒ Array<Hash>

  Retrieve information about all known certificates.

• #update(certname, desired_state, cert_ttl: nil) ⇒ Hash

  Change the status of the specified certificate.

Methods inherited from Base

#initialize

Constructor Details

This class inherits a constructor from PEClient::Resource::Base

Instance Method Details

#delete(hostname) ⇒ String

Note:

PEClient::Resource::PuppetCAV1#clean can be used to accomplish both revoking and cleaning in one request.

Cause the certificate authority to discard all SSL information regarding a host (including any certificates, certificate requests, and keys). This does not revoke the certificate if one is present; if you wish to emulate the behavior of puppet cert –clean, you must #update a desired_state of “revoked” before deleting the host’s SSL information.

Parameters:

• hostname (String)

Returns:

• (String)

# File 'lib/pe_client/resources/puppet_ca.v1/certificate_status.rb', line 73

def delete(hostname)
  @client.delete "#{BASE_PATH}/#{hostname}"
end

#get(certname) ⇒ Hash

Retrieve information about the specified certificate.

Parameters:

• certname (String)

Returns:

• (Hash)

# File 'lib/pe_client/resources/puppet_ca.v1/certificate_status.rb', line 34

def get(certname)
  @client.get "#{BASE_PATH}/#{certname}"
end

#list(state: nil) ⇒ Array<Hash>

Retrieve information about all known certificates.

Parameters:

• state (String) (defaults to: nil) —

  The certificate state by which to filter search results. Valid states are “requested”, “signed”, and “revoked”.

Returns:

• (Array<Hash>)

# File 'lib/pe_client/resources/puppet_ca.v1/certificate_status.rb', line 44

def list(state: nil)
  @client.get "#{BASE_PATH}es/any_key", params: {state:}.compact
end

#update(certname, desired_state, cert_ttl: nil) ⇒ Hash

Note:

Revoking a certificate does not clean up other info about the host; see #delete for more information.

Change the status of the specified certificate. The desired state is sent in the body of the PUT request as a one-item PSON hash; the two allowed complete hashes are:

Parameters:

• certname (String)
• desired_state (String) —

  The desired state for the certificate. Valid states are “signed” and “revoked”.

• cert_ttl (Integer, String) (defaults to: nil) —

  To set the validity period of the signed certificate. Can only be used when the desired_state is “signed”. By default, this key specifies the number of seconds, but you can specify another time unit. See configuration for a list of Puppet’s accepted time unit markers.

Returns:

• (Hash)

# File 'lib/pe_client/resources/puppet_ca.v1/certificate_status.rb', line 61

def update(certname, desired_state, cert_ttl: nil)
  @client.put "#{BASE_PATH}/#{certname}", body: {desired_state:, cert_ttl:}.compact
end