Class: Puppet::SSL::StateMachine::NeedCert
- Inherits:
-
KeySSLState
- Object
- SSLState
- KeySSLState
- Puppet::SSL::StateMachine::NeedCert
- Defined in:
- lib/puppet/ssl/state_machine.rb
Overview
Attempt to load or retrieve our signed cert.
Instance Attribute Summary
Attributes inherited from KeySSLState
Attributes inherited from SSLState
Instance Method Summary collapse
Methods inherited from KeySSLState
Methods inherited from SSLState
Constructor Details
This class inherits a constructor from Puppet::SSL::StateMachine::KeySSLState
Instance Method Details
#next_state ⇒ Object
157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 |
# File 'lib/puppet/ssl/state_machine.rb', line 157 def next_state cert = OpenSSL::X509::Certificate.new( Puppet::Rest::Routes.get_certificate(Puppet[:certname], @ssl_context) ) # verify client cert before saving next_ctx = @ssl_provider.create_context( cacerts: @ssl_context.cacerts, crls: @ssl_context.crls, private_key: @private_key, client_cert: cert ) @cert_provider.save_client_cert(Puppet[:certname], cert) @cert_provider.delete_request(Puppet[:certname]) Done.new(@machine, next_ctx) rescue Puppet::SSL::SSLError => e Puppet.log_exception(e) Wait.new(@machine, @ssl_context) rescue OpenSSL::X509::CertificateError => e Puppet.log_exception(e, _("Failed to parse certificate: %{message}") % {message: e.}) Wait.new(@machine, @ssl_context) rescue Puppet::Rest::ResponseError => e if e.response.code.to_i == 404 Puppet.info(_("Certificate for %{certname} has not been signed yet") % {certname: Puppet[:certname]}) else Puppet.log_exception(e, _("Failed to retrieve certificate for %{certname}: %{message}") % {certname: Puppet[:certname], message: e.response.}) end Wait.new(@machine, @ssl_context) end |