We have a basically functional CA -- it can sign

requests and return certificates.  There's still plenty
more work to do, but I'm probably not much more than a
day away from redoing puppetca to use this code.

1 files changed, 6 insertions, 4 deletions

diff --git a/lib/puppet/ssl/certificate_factory.rb b/lib/puppet/ssl/certificate_factory.rb
index 47b9f74d7..4b1669804 100644
--- a/lib/puppet/ssl/certificate_factory.rb
+++ b/lib/puppet/ssl/certificate_factory.rb
@@ -58,9 +58,11 @@ class Puppet::SSL::CertificateFactory
 
         method = "add_#{@cert_type.to_s}_extensions"
 
-        raise ArgumentError, "%s is an invalid certificate type" % @cert_type unless respond_to?(method)
-
-        send(method)
+        begin
+            send(method)
+        rescue NoMethodError
+            raise ArgumentError, "%s is an invalid certificate type" % @cert_type
+        end
 
         @extensions << @ef.create_extension("nsComment", "Puppet Ruby/OpenSSL Generated Certificate")
         @extensions << @ef.create_extension("basicConstraints", @basic_constraint, true)
@@ -72,7 +74,7 @@ class Puppet::SSL::CertificateFactory
         @cert.extensions = @extensions
 
         # for some reason this _must_ be the last extension added
-        @extensions << ef.create_extension("authorityKeyIdentifier", "keyid:always,issuer:always") if @cert_type == :ca
+        @extensions << @ef.create_extension("authorityKeyIdentifier", "keyid:always,issuer:always") if @cert_type == :ca
     end
 
     # TTL for new certificates in seconds. If config param :ca_ttl is set,