Keep track of all of our known certificates.
Add a certificate to our inventory.
# File lib/puppet/ssl/inventory.rb, line 9 def add(cert) cert = cert.content if cert.is_a?(Puppet::SSL::Certificate) Puppet.settings.setting(:cert_inventory).open("a") do |f| f.print format(cert) end end
Format our certificate for output.
# File lib/puppet/ssl/inventory.rb, line 17 def format(cert) iso = '%Y-%m-%dT%H:%M:%S%Z' "0x%04x %s %s %s\n" % [cert.serial, cert.not_before.strftime(iso), cert.not_after.strftime(iso), cert.subject] end
Rebuild the inventory from scratch. This should happen if the file is entirely missing or if it’s somehow corrupted.
# File lib/puppet/ssl/inventory.rb, line 28 def rebuild Puppet.notice "Rebuilding inventory file" Puppet.settings.setting(:cert_inventory).open('w') do |f| Puppet::SSL::Certificate.indirection.search("*").each do |cert| f.print format(cert.content) end end end
Find the serial number for a given certificate.
# File lib/puppet/ssl/inventory.rb, line 39 def serial(name) Puppet.deprecation_warning 'Inventory#serial is deprecated, use Inventory#serials instead.' return nil unless Puppet::FileSystem.exist?(@path) serials(name).first end
Find all serial numbers for a given certificate. If none can be found, returns an empty array.
# File lib/puppet/ssl/inventory.rb, line 47 def serials(name) return [] unless Puppet::FileSystem.exist?(@path) File.readlines(@path).collect do |line| /^(\S+).+\/CN=#{name}$/.match(line) end.compact.map { |m| Integer(m[1]) } end
# File lib/puppet/ssl/inventory.rb, line 22 def initialize @path = Puppet[:cert_inventory] end