-rwxr-xr-xbin/puppetca16
-rw-r--r--lib/puppet/sslcertificates/ca.rb10
2 files changed, 22 insertions, 4 deletions
diff --git a/bin/puppetca b/bin/puppetca
index ce78118bc..42bb245a9 100755
--- a/bin/puppetca
+++ b/bin/puppetca
@@ -32,7 +32,8 @@
# '--genconfig'.
#
# all::
-# Operate on all outstanding requests. Only makes sense with '--sign'.
+# Operate on all outstanding requests. Only makes sense with '--sign',
+# or '--list'.
#
# clean::
# Remove all files related to a host from puppetca's storage. This is
@@ -51,7 +52,8 @@
# Print this help message
#
# list::
-# List outstanding certificate requests.
+# List outstanding certificate requests. If '--all' is specified,
+# signed certificates are also listed, prefixed by '+'.
#
# revoke::
# Revoke the certificate of a client. The certificate can be specified
@@ -172,7 +174,7 @@ unless mode
exit(12)
end
-if [:generate, :clean, :revoke].include?(mode)
+if [:generate, :clean, :revoke, :list].include?(mode)
hosts = ARGV.collect { |h| h.downcase }
else
waiting = ca.list
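Review bot: Adding `:list` to this array makes `--list` build `hosts` from ARGV, yet the `when :list` branch in the next hunk never reads `hosts`, so host names passed with `--list` are accepted and silently ignored. If the intent is only to keep `--list` out of the `else` path (whatever follows `waiting = ca.list` there is outside this hunk), state that in a comment such as `# :list takes no host arguments; it is listed here only to skip the pending-request handling in the else branch`. Otherwise use `hosts` to filter the listing. The `if`/`else` continues past the end of the hunk.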
@@ -189,7 +191,13 @@ end
case mode
when :list
- puts waiting.join("\n")
+ waiting = ca.list
+ if waiting.length > 0
+ puts waiting.join("\n")
+ end
+ if all
+ puts ca.list_signed.collect { |cert | cert.sub(/^/,"+ ") }.join("\n")
+ end
when :clean
if hosts.empty?
$stderr.puts "You must specify one or more hosts to clean"
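Review bot: In the `if all` branch an empty result from `ca.list_signed` makes `puts [].join("\n")` print a blank line, while the pending list just above is guarded by `waiting.length > 0`. The same guard fits here, e.g. `signed = ca.list_signed` followed by `puts signed.collect { |cert| "+ " + cert }.join("\n") unless signed.empty?`. Pending names are printed bare and signed ones with `+ `, so the marker is unambiguous only if a pending request name can never itself start with `+ `, and whether names are constrained that way is not visible here. Since an operator decides what to sign from this output, marking pending entries as well when `--all` is given (for instance with `- `) would remove the doubt. The `case` statement continues outside the hunk.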
diff --git a/lib/puppet/sslcertificates/ca.rb b/lib/puppet/sslcertificates/ca.rb
index e1b5f2386..161eb11b3 100644
--- a/lib/puppet/sslcertificates/ca.rb
+++ b/lib/puppet/sslcertificates/ca.rb
@@ -142,6 +142,16 @@ class Puppet::SSLCertificates::CA
}
end
+ # List signed certificates. This returns a list of hostnames, not actual
+ # files -- the names can be converted to full paths with host2csrfile.
+ def list_signed
+ return Dir.entries(Puppet[:signeddir]).find_all { |file|
+ file =~ /\.pem$/
+ }.collect { |file|
+ file.sub(/\.pem$/, '')
+ }
+ end
+
# Create the root certificate.
def mkrootcert
# Make the root cert's name the FQDN of the host running the CA.
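Review bot: The comment above `list_signed` says the names can be converted to paths with `host2csrfile`, which looks copied from the pending-request lister. These names come from `Puppet[:signeddir]`, so the comment should point at the helper that maps a host to its signed certificate file (presumably a `host2certfile`-style method, not visible in this hunk). Both regexes use `$`, which in Ruby matches before a newline as well as at the end of the string; `/\.pem\z/` anchors to the real end of the file name. `Dir.entries` raises `Errno::ENOENT` when the signed directory does not exist yet and returns names in filesystem order, so consider returning `[]` for a missing directory and appending `.sort` for stable output. The method is complete in the hunk; the class continues outside it.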