class Puppet::HTTP::Service::Ca

The CA service is used to handle certificate related REST requests.

@api public

Constants

API

@return [String] default API for the ca service

HEADERS

@return [Hash] default headers for the ca service

Public Class Methods

new(client, session, server, port) click to toggle source

Use `Puppet::HTTP::Session.route_to(:ca)` to create or get an instance of this class.

@param [Puppet::HTTP::Client] client @param [Puppet::HTTP::Session] session @param [String] server (`Puppet`) If an explicit server is given,

create a service using that server. If server is nil, the default value
is used to create the service.

@param [Integer] port (`Puppet`) If an explicit port is given, create

a service using that port. If port is nil, the default value is used to
create the service.
Calls superclass method Puppet::HTTP::Service::new
   # File lib/puppet/http/service/ca.rb
22 def initialize(client, session, server, port)
23   url = build_url(API, server || Puppet[:ca_server], port || Puppet[:ca_port])
24   super(client, session, url)
25 end

Public Instance Methods

get_certificate(name, ssl_context: nil) click to toggle source

Submit a GET request to retrieve the named certificate from the server.

@param [String] name name of the certificate to request @param [Puppet::SSL::SSLContext] ssl_context

@return [Array<Puppet::HTTP::Response, String>] An array containing the

request response and the stringified body of the request response

@api public

   # File lib/puppet/http/service/ca.rb
36 def get_certificate(name, ssl_context: nil)
37   response = @client.get(
38     with_base_url("/certificate/#{name}"),
39     headers: add_puppet_headers(HEADERS),
40     options: {ssl_context: ssl_context}
41   )
42 
43   process_response(response)
44 
45   [response, response.body.to_s]
46 end
get_certificate_revocation_list(if_modified_since: nil, ssl_context: nil) click to toggle source

Submit a GET request to retrieve the certificate revocation list from the

server.

@param [Time] if_modified_since If not nil, only download the CRL if it has

been modified since the specified time.

@param [Puppet::SSL::SSLContext] ssl_context

@return [Array<Puppet::HTTP::Response, String>] An array containing the

request response and the stringified body of the request response

@api public

   # File lib/puppet/http/service/ca.rb
59 def get_certificate_revocation_list(if_modified_since: nil, ssl_context: nil)
60   headers = add_puppet_headers(HEADERS)
61   headers['If-Modified-Since'] = if_modified_since.httpdate if if_modified_since
62 
63   response = @client.get(
64     with_base_url("/certificate_revocation_list/ca"),
65     headers: headers,
66     options: {ssl_context: ssl_context}
67   )
68 
69   process_response(response)
70 
71   [response, response.body.to_s]
72 end
put_certificate_request(name, csr, ssl_context: nil) click to toggle source

Submit a PUT request to send a certificate request to the server.

@param [String] name The name of the certificate request being sent @param [OpenSSL::X509::Request] csr Certificate request to send to the

server

@param [Puppet::SSL::SSLContext] ssl_context

@return [Puppet::HTTP::Response] The request response

@api public

    # File lib/puppet/http/service/ca.rb
 84 def put_certificate_request(name, csr, ssl_context: nil)
 85   headers = add_puppet_headers(HEADERS)
 86   headers['Content-Type'] = 'text/plain'
 87 
 88   response = @client.put(
 89     with_base_url("/certificate_request/#{name}"),
 90     csr.to_pem,
 91     headers: headers,
 92     options: {
 93       ssl_context: ssl_context
 94     }
 95   )
 96 
 97   process_response(response)
 98 
 99   response
100 end