All SSL terminus classes now force the CA information into the right place.

Without this, then you could end up duplicating your CA
key into the normal directory depending on how caching
was set up.

Again, this design aspect isn't the most straightforward,
but at least it's functional now.

1 files changed, 9 insertions, 0 deletions

diff --git a/spec/unit/indirector/key/file.rb b/spec/unit/indirector/key/file.rb
index bd0c57c36..8a1cb04bd 100755
--- a/spec/unit/indirector/key/file.rb
+++ b/spec/unit/indirector/key/file.rb
@@ -17,6 +17,15 @@ describe Puppet::SSL::Key::File do
         Puppet::SSL::Key::File.collection_directory.should == "/key/dir"
     end
 
+    it "should store the ca key at the :cakey location" do
+        Puppet.settings.stubs(:use)
+        Puppet.settings.stubs(:value).returns "whatever"
+        Puppet.settings.stubs(:value).with(:cakey).returns "/ca/key"
+        file = Puppet::SSL::Key::File.new
+        file.stubs(:ca?).returns true
+        file.path("whatever").should == "/ca/key"
+    end
+
     describe "when choosing the path for the public key" do
         it "should use the :capub setting location if the key is for the certificate authority" do
             Puppet.settings.stubs(:value).returns "/fake/dir"