Class: Puppet::SSL::StateMachine::NeedSubmitCSR

Inherits:

KeySSLState

• Object
• SSLState
• KeySSLState
• Puppet::SSL::StateMachine::NeedSubmitCSR

Defined in:

lib/puppet/ssl/state_machine.rb

Overview

Generate and submit a CSR using the CA cert bundle and optional CRL bundle from earlier states. If the request is submitted, proceed to NeedCert, otherwise Wait. This could be due to the server already having a CSR for this host (either the same or different CSR content), having a signed certificate, or a revoked certificate.

Instance Attribute Summary

Attributes inherited from KeySSLState

#private_key

Attributes inherited from SSLState

#ssl_context

Instance Method Summary

• #next_state ⇒ Object

Methods inherited from KeySSLState

#initialize

Methods inherited from SSLState

#initialize, #to_error

Constructor Details

This class inherits a constructor from Puppet::SSL::StateMachine::KeySSLState

Instance Method Details

#next_state ⇒ Object

# File 'lib/puppet/ssl/state_machine.rb', line 212

def next_state
  Puppet.debug(_("Generating and submitting a CSR"))

  csr = @cert_provider.create_request(Puppet[:certname], @private_key)
  route = @machine.session.route_to(:ca, ssl_context: @ssl_context)
  route.put_certificate_request(Puppet[:certname], csr, ssl_context: @ssl_context)
  @cert_provider.save_request(Puppet[:certname], csr)
  NeedCert.new(@machine, @ssl_context, @private_key)
rescue Puppet::HTTP::ResponseError => e
  if e.response.code == 400
    NeedCert.new(@machine, @ssl_context, @private_key)
  else
    to_error(_("Failed to submit the CSR, HTTP response was %{code}") % { code: e.response.code }, e)
  end
end