blob: 9ab64d7622f1a2f724e62bb92ec7d93edf123b0d (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
|
# Certificate-related helper methods.
require 'puppettest'
module PuppetTest::Certificates
include PuppetTest
def mkPassFile()
keyfile = File.join(@dir, "tmpkeyfile")
@@tmpfiles << keyfile
system("mkdir -p #{@dir}") unless FileTest.exists?(@dir)
File.open(keyfile, "w", 0600) { |f|
f.print "as;dklj23rlkjzdflij23wr"
}
keyfile
end
def mkCA
ca = nil
assert_nothing_raised {
ca = Puppet::SSLCertificates::CA.new()
}
ca
end
def mkStore(ca)
store = OpenSSL::X509::Store.new
store.purpose = OpenSSL::X509::PURPOSE_SSL_CLIENT
store.flags = OpenSSL::X509::V_FLAG_CRL_CHECK
store.add_cert(ca.cert)
store.add_crl(ca.crl)
store
end
def mkcert(hostname)
cert = nil
assert_nothing_raised {
cert = Puppet::SSLCertificates::Certificate.new(:name => hostname)
cert.mkcsr
}
cert
end
def mksignedcert(ca = nil, hostname = nil)
ca ||= mkCA()
hostname ||= "ttltest.example.com"
cert = nil
assert_nothing_raised {
cert, cacert = ca.sign(mkcert(hostname).mkcsr)
}
cert
end
end
|