Revision dff469d9
Added by Ivan Necas almost 10 years ago
| lib/puppet/provider/katello_ssl_tool.rb | ||
|---|---|---|
|
end
|
||
|
end
|
||
|
|
||
|
def generate!
|
||
|
if File.exists?(update_file)
|
||
|
File.delete(update_file)
|
||
|
end
|
||
|
end
|
||
|
|
||
|
def generate?
|
||
|
return false unless resource[:generate]
|
||
|
return true if resource[:regenerate]
|
||
|
return true if File.exists?(update_file)
|
||
|
return files_to_generate.any? { |file| ! File.exist?(file) }
|
||
|
end
|
||
|
|
||
| ... | ... | |
|
return rpmfile
|
||
|
end
|
||
|
|
||
|
# file that indicates that a new version of the rpm should be updated
|
||
|
def update_file
|
||
|
self.build_path("#{rpmfile_base_name}.update")
|
||
|
end
|
||
|
|
||
|
def rpmfile_base_name
|
||
|
resource[:name]
|
||
|
end
|
||
| ... | ... | |
|
File.join("/etc/pki/katello-certs-tools", file_name)
|
||
|
end
|
||
|
|
||
|
def build_path(file_name)
|
||
|
def build_path(file_name = '')
|
||
|
self.class.build_path(file_name)
|
||
|
end
|
||
|
|
||
| ... | ... | |
|
File.join("/root/ssl-build", file_name)
|
||
|
end
|
||
|
|
||
|
def ca_details
|
||
|
return @ca_details if defined? @ca_details
|
||
|
if ca_resource = @resource[:ca]
|
||
|
name = ca_resource.to_hash[:name]
|
||
|
@ca_details = Puppet::Provider::KatelloSslTool::Cert.details(name)
|
||
|
else
|
||
|
raise 'Wanted to generate cert without ca specified'
|
||
|
end
|
||
|
end
|
||
|
end
|
||
|
|
||
|
class CertFile < Puppet::Provider
|
||
Also available in: Unified diff
Refs #6875 - separate the default CA and server CA
Up until now, we used the default CA for both server and client certificates.
This made practically impossible to issue the server certificates outside of
the installer and pass it in as arguments.
By default, the server CA is the same as default CA, unless the $server_ca_cert
is specified.
In the bootstrap rpm, we ship both server CA (for verifying the server) as well
the default CA (for verifying the qpid by the gofer).