puppet 6.22.1 → 6.23.0

data/spec/fixtures/ssl/unknown-127.0.0.1.pem

@@ -6,43 +6,64 @@ Certificate:
         Issuer: CN=Unknown CA
         Validity
             Not Before: Jan  1 00:00:00 1970 GMT
-            Not After : Mar 10 06:54:16 2030 GMT
+            Not After : Apr 18 18:46:23 2031 GMT
         Subject: CN=127.0.0.1
         Subject Public Key Info:
             Public Key Algorithm: rsaEncryption
-                RSA Public-Key: (1024 bit)
+                RSA Public-Key: (2048 bit)
                 Modulus:
-                    00:c9:00:0c:66:d2:2d:df:a0:cc:4c:a5:7a:5b:67:
-                    10:f1:d2:06:ac:01:0e:da:55:19:a3:dd:b7:85:9c:
-                    f1:53:e6:a9:b4:c7:33:43:55:12:0e:e5:ec:cc:75:
-                    28:e4:d2:36:2a:02:85:9e:a6:58:4e:f3:ba:91:83:
-                    54:d2:b7:46:d4:00:b4:fc:86:9b:db:10:07:a7:8e:
-                    47:e5:f0:27:1f:62:eb:94:68:37:c8:c4:d4:fc:ea:
-                    0e:b0:94:5d:c3:5a:99:08:6c:f3:27:33:71:5a:47:
-                    62:3e:df:18:10:d4:c0:08:2d:f1:47:6b:c1:19:46:
-                    3e:32:2f:b4:57:91:50:4c:8f
+                    00:c3:c8:2b:f4:88:83:50:13:f7:3d:f8:b6:b8:7b:
+                    d0:58:7e:88:9c:a5:c2:30:72:36:9d:9a:d1:73:79:
+                    c1:6d:06:3f:3b:f3:10:b6:87:3d:55:a4:e2:a9:c1:
+                    48:d4:fd:30:8f:36:46:2f:96:bc:a5:e4:35:d9:89:
+                    b2:8b:8b:90:ab:9a:b1:f9:ed:fa:67:3e:ea:27:42:
+                    59:67:bb:69:18:e6:d7:0d:1a:0e:ad:c2:58:62:24:
+                    05:6e:18:39:db:09:7d:96:a5:c9:c7:56:ba:68:e0:
+                    06:27:37:15:e9:5c:f3:bf:b0:29:9b:0d:c7:ea:54:
+                    a7:41:3f:11:11:db:23:3b:23:33:3e:c7:9c:d7:82:
+                    99:23:df:c2:5a:4d:90:2f:73:64:92:bc:b8:f5:b5:
+                    3f:56:e2:5d:95:e2:a8:3f:fa:ed:96:af:b8:3d:63:
+                    fd:cd:24:2d:27:32:c8:41:7e:38:e8:02:3e:87:ce:
+                    ab:f2:40:4d:a2:ec:42:ea:b5:14:ff:9d:ca:4b:d9:
+                    de:84:4d:45:b7:d9:d9:56:7b:e3:7d:af:de:19:76:
+                    91:cb:72:e9:b0:02:ca:8b:75:f8:54:23:ae:03:ab:
+                    ec:48:ba:d6:c9:1a:0b:5b:7d:f9:f1:d7:9a:1a:83:
+                    89:b9:f7:e7:ea:2c:11:2f:0f:c4:63:78:ff:5b:80:
+                    be:0f
                 Exponent: 65537 (0x10001)
         X509v3 extensions:
             X509v3 Subject Alternative Name: 
                 DNS:127.0.0.1, DNS:127.0.0.2
     Signature Algorithm: sha256WithRSAEncryption
-         4a:a3:2e:2a:8f:6f:0e:5e:70:19:26:59:05:1d:59:3f:c5:39:
-         49:c4:cd:73:99:f2:08:8c:bc:fa:28:e4:33:38:f1:50:a3:0c:
-         8e:3b:a3:93:9e:37:5c:69:c0:d9:2d:f2:2e:31:d7:5a:61:d6:
-         91:22:6d:3c:1b:4f:c3:b6:57:13:5e:c9:5a:c8:6c:2e:bc:d6:
-         42:5b:f0:64:ec:7e:03:3c:f1:43:d9:f9:b7:f1:37:db:a5:0f:
-         b9:87:f5:4d:01:93:b4:a6:40:05:dc:ca:fd:31:5b:14:66:f0:
-         84:70:48:0c:b8:49:11:3d:f6:9e:aa:e7:b4:21:5b:e6:cc:67:
-         ca:d9
+         c5:f2:04:d3:b9:16:b1:fa:4a:2f:b8:0c:30:ef:ce:bd:2e:4f:
+         25:b6:aa:6f:c8:ae:1a:b4:e7:e6:86:51:28:34:53:ff:58:07:
+         68:d8:a0:ce:79:c7:2f:71:2c:55:1c:67:82:05:7d:f4:ce:d8:
+         b7:d7:71:67:03:e8:a2:38:34:16:83:8c:df:c3:27:80:e2:f9:
+         12:83:a0:49:e1:f3:5f:1d:c0:e2:68:91:77:f0:1d:a6:63:8b:
+         1d:96:ee:46:ec:41:cd:3c:55:63:a9:4b:5c:68:d6:44:67:47:
+         43:4a:21:8b:13:a2:10:06:5c:0f:1b:d5:e7:4d:b3:72:aa:bd:
+         cc:ac:e7:cf:8b:89:51:3c:d0:d3:0e:75:37:91:a0:e4:73:5b:
+         74:80:7d:64:a3:ee:4d:69:7d:97:15:35:1a:a9:a8:2a:f6:12:
+         d1:b7:73:ad:f1:ca:d9:9b:96:d6:66:ac:14:e5:88:2d:7e:ce:
+         20:61:94:4a:18:41:27:8e:2d:ad:45:d7:2e:ff:a8:d6:2c:a2:
+         01:54:28:16:15:84:5e:94:2d:56:a2:90:b3:31:40:3a:a8:04:
+         8d:42:55:45:10:7a:fe:19:4d:d9:b4:ef:95:2e:cf:6e:28:3f:
+         cb:12:7d:aa:34:96:60:b2:29:7e:6c:c3:bd:3b:f7:4c:6e:31:
+         25:60:b5:96
 -----BEGIN CERTIFICATE-----
-MIIBwjCCASugAwIBAgIBATANBgkqhkiG9w0BAQsFADAVMRMwEQYDVQQDDApVbmtu
-b3duIENBMB4XDTcwMDEwMTAwMDAwMFoXDTMwMDMxMDA2NTQxNlowFDESMBAGA1UE
-AwwJMTI3LjAuMC4xMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJAAxm0i3f
-oMxMpXpbZxDx0gasAQ7aVRmj3beFnPFT5qm0xzNDVRIO5ezMdSjk0jYqAoWeplhO
-87qRg1TSt0bUALT8hpvbEAenjkfl8CcfYuuUaDfIxNT86g6wlF3DWpkIbPMnM3Fa
-R2I+3xgQ1MAILfFHa8EZRj4yL7RXkVBMjwIDAQABoyMwITAfBgNVHREEGDAWggkx
-MjcuMC4wLjGCCTEyNy4wLjAuMjANBgkqhkiG9w0BAQsFAAOBgQBKoy4qj28OXnAZ
-JlkFHVk/xTlJxM1zmfIIjLz6KOQzOPFQowyOO6OTnjdcacDZLfIuMddaYdaRIm08
-G0/DtlcTXslayGwuvNZCW/Bk7H4DPPFD2fm38TfbpQ+5h/VNAZO0pkAF3Mr9MVsU
-ZvCEcEgMuEkRPfaeque0IVvmzGfK2Q==
+MIICxzCCAa+gAwIBAgIBATANBgkqhkiG9w0BAQsFADAVMRMwEQYDVQQDDApVbmtu
+b3duIENBMB4XDTcwMDEwMTAwMDAwMFoXDTMxMDQxODE4NDYyM1owFDESMBAGA1UE
+AwwJMTI3LjAuMC4xMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw8gr
+9IiDUBP3Pfi2uHvQWH6InKXCMHI2nZrRc3nBbQY/O/MQtoc9VaTiqcFI1P0wjzZG
+L5a8peQ12Ymyi4uQq5qx+e36Zz7qJ0JZZ7tpGObXDRoOrcJYYiQFbhg52wl9lqXJ
+x1a6aOAGJzcV6Vzzv7Apmw3H6lSnQT8REdsjOyMzPsec14KZI9/CWk2QL3Nkkry4
+9bU/VuJdleKoP/rtlq+4PWP9zSQtJzLIQX446AI+h86r8kBNouxC6rUU/53KS9ne
+hE1Ft9nZVnvjfa/eGXaRy3LpsALKi3X4VCOuA6vsSLrWyRoLW3358deaGoOJuffn
+6iwRLw/EY3j/W4C+DwIDAQABoyMwITAfBgNVHREEGDAWggkxMjcuMC4wLjGCCTEy
+Ny4wLjAuMjANBgkqhkiG9w0BAQsFAAOCAQEAxfIE07kWsfpKL7gMMO/OvS5PJbaq
+b8iuGrTn5oZRKDRT/1gHaNigznnHL3EsVRxnggV99M7Yt9dxZwPoojg0FoOM38Mn
+gOL5EoOgSeHzXx3A4miRd/AdpmOLHZbuRuxBzTxVY6lLXGjWRGdHQ0ohixOiEAZc
+DxvV502zcqq9zKznz4uJUTzQ0w51N5Gg5HNbdIB9ZKPuTWl9lxU1GqmoKvYS0bdz
+rfHK2ZuW1masFOWILX7OIGGUShhBJ44trUXXLv+o1iyiAVQoFhWEXpQtVqKQszFA
+OqgEjUJVRRB6/hlN2bTvlS7Pbig/yxJ9qjSWYLIpfmzDvTv3TG4xJWC1lg==
 -----END CERTIFICATE-----

data/spec/fixtures/ssl/unknown-ca-key.pem

@@ -1,67 +1,117 @@
-RSA Private-Key: (1024 bit, 2 primes)
+RSA Private-Key: (2048 bit, 2 primes)
 modulus:
-    00:c1:5e:5d:26:ae:73:17:5a:70:37:ac:42:25:ca:
-    05:10:86:17:23:6c:28:84:48:2a:4a:d4:b0:3a:2a:
-    d8:33:ae:58:67:6f:9b:4f:a6:b4:87:b1:ec:37:00:
-    69:8d:d5:cf:71:8a:96:e1:4a:f8:c8:81:36:f9:43:
-    ad:d8:d6:76:83:27:99:a4:48:17:c2:ef:9c:22:40:
-    4b:c6:58:21:88:e5:1d:37:79:4e:ba:31:e6:52:ec:
-    8c:23:ed:d6:ce:3b:58:ad:82:c7:ae:28:47:d4:e7:
-    cc:31:ac:78:c9:02:87:d0:b1:91:09:f6:1e:9a:c3:
-    4f:f6:5a:fe:a2:21:0e:c0:95
+    00:ea:16:4c:26:71:56:ac:35:bb:2b:f6:1b:18:58:
+    16:0f:1c:39:3f:4d:02:e4:b2:a7:8b:bd:fe:99:57:
+    f2:a5:a8:15:01:79:0d:1d:f6:d9:12:db:d5:26:a2:
+    f6:58:af:4b:2c:aa:46:7a:53:63:9f:1f:1a:9e:1c:
+    fc:9a:8e:20:c8:c8:c8:db:4d:50:8d:4e:19:83:a1:
+    9d:54:49:26:7b:3a:e0:77:1d:7d:88:01:80:46:32:
+    70:47:16:08:71:de:12:94:67:fd:71:1f:41:56:93:
+    15:91:68:bd:05:3b:67:96:1f:7a:4d:d5:1e:b6:ac:
+    41:1f:f0:ce:d3:2d:96:d9:7c:ad:cd:be:b3:32:66:
+    18:03:2c:83:98:f1:e8:96:6f:85:0f:e1:1f:93:d0:
+    f9:09:43:8c:b1:ea:43:26:32:a5:c6:d2:32:75:2d:
+    ed:72:9d:bf:3a:bb:f3:4e:d0:0c:ac:ba:6b:fd:7f:
+    66:d8:12:40:4e:49:e7:d4:ec:70:03:71:37:cb:5e:
+    cc:d3:4f:f3:d2:cc:e2:39:eb:79:6c:71:e5:d1:0e:
+    45:4c:7a:3d:6f:39:e8:16:e7:de:60:eb:01:e7:80:
+    4e:42:1d:1c:33:0a:eb:f9:10:2c:5c:ed:0c:58:0b:
+    8c:fd:6d:f4:19:49:8a:a2:81:ab:04:b0:cb:7a:61:
+    1f:d3
 publicExponent: 65537 (0x10001)
 privateExponent:
-    60:5b:b7:ab:98:ee:fd:4a:31:f5:6c:3f:a2:39:23:
-    80:f2:71:01:53:da:74:e0:c9:42:74:ee:44:6e:29:
-    42:c7:b4:82:06:d9:ac:3d:74:64:d2:42:d5:bd:bc:
-    db:d3:1a:06:88:7b:5b:55:52:d8:07:9b:ef:66:cc:
-    70:eb:9e:2e:2b:7e:c1:34:84:9a:83:34:b2:70:c6:
-    59:72:60:a0:f4:f5:d9:f2:76:ae:bf:7d:23:35:ee:
-    ad:b1:2d:c1:fe:05:7d:5b:7f:2c:da:87:ec:6e:b0:
-    a3:08:c9:bd:e5:30:a4:c2:6e:6e:50:c0:5e:31:f6:
-    33:ef:86:57:64:45:b7:c1
+    00:b5:87:11:0a:86:bd:d5:d1:dd:12:1c:49:aa:b9:
+    34:72:07:4b:05:a1:ac:ea:b8:f8:60:cf:b7:8e:26:
+    bb:8e:67:27:d2:fa:92:87:78:13:a2:22:43:cb:30:
+    78:a5:11:5a:d4:8a:3f:19:41:6d:71:c9:e7:14:52:
+    1a:39:a8:9a:17:da:4c:98:73:fe:51:76:0d:27:1c:
+    bf:2a:cb:87:41:ec:c8:80:d6:a7:b0:3e:a9:c0:c6:
+    00:77:bf:c8:50:b5:0b:e7:76:34:fd:f2:64:f2:c4:
+    20:e7:a0:37:64:c5:4a:71:0a:7c:07:bb:8b:93:d1:
+    44:b7:86:40:7d:57:4f:31:db:98:22:21:d5:f3:b0:
+    57:4e:f6:c9:a4:08:43:3d:d8:ce:59:aa:a7:1f:da:
+    93:40:11:cf:8c:14:9d:f3:10:9f:cf:0a:d0:cf:2b:
+    b6:ea:e5:3c:92:9f:c2:6f:24:86:71:15:61:49:7b:
+    77:48:c1:d2:13:67:1a:f7:c0:89:3d:3d:87:cf:6e:
+    5c:e4:46:28:fe:33:89:3c:09:fc:50:3c:b7:a9:25:
+    3c:f2:a5:a0:e1:e0:9c:d1:4a:3e:11:5b:10:1a:33:
+    29:c7:ca:0b:ac:bf:c2:be:90:27:1f:ef:d7:d2:ca:
+    5f:37:b3:b3:b9:3a:35:87:be:ca:c3:f7:59:03:f7:
+    7e:f1
 prime1:
-    00:e1:d6:07:8c:c6:4d:90:fa:d6:40:9a:1f:e5:34:
-    50:16:72:9f:5b:83:c1:60:d5:73:39:c2:c6:ec:3a:
-    ed:24:fe:aa:5d:16:14:ba:85:a4:7d:5a:94:e8:63:
-    f9:dd:25:a8:2c:6b:ca:7c:43:c7:a9:92:ae:35:5c:
-    85:47:9e:51:e9
+    00:f7:83:23:4b:6f:82:af:b6:7a:0f:1f:1a:05:21:
+    d1:a1:84:d1:07:24:db:dd:64:9f:16:84:eb:c4:bf:
+    ec:cf:2f:69:92:21:b8:88:05:24:8c:bc:c1:db:d0:
+    38:53:bf:43:dc:5b:5e:42:7b:ad:de:d6:3a:04:9e:
+    a5:a7:f0:0b:2e:4e:2a:20:6f:95:7d:f0:be:ff:12:
+    c6:f4:d2:ca:39:e1:a5:c9:34:58:3b:3d:40:c1:88:
+    63:c3:cc:87:02:25:70:88:58:df:ec:b6:d6:0c:9e:
+    15:2d:57:e1:34:e9:2e:ac:51:cf:c4:83:dd:b6:11:
+    44:23:b8:95:50:6c:40:ae:ed
 prime2:
-    00:db:32:2e:59:ea:22:83:ce:d3:d5:7b:cb:b9:81:
-    b9:c2:4e:5b:08:ab:8f:66:21:34:55:61:50:57:02:
-    5e:d2:d9:09:8d:39:81:85:cd:4c:08:f3:b1:1a:b5:
-    b4:0c:3b:77:5e:c1:e0:95:f1:98:c6:f5:58:88:42:
-    50:b0:c3:41:cd
+    00:f2:1d:4d:7f:ee:9e:a5:0f:c9:73:a5:4d:fe:7c:
+    0a:94:8e:c6:77:c8:ec:53:e0:03:f5:65:42:39:40:
+    26:02:46:8f:05:3d:b9:ba:f2:29:8a:b4:3c:60:37:
+    85:ee:e0:ba:e2:35:69:be:84:95:53:f3:fd:b8:b9:
+    5b:51:76:10:2a:f8:b2:54:58:ab:e5:89:18:46:df:
+    08:c0:4f:57:56:cc:1c:f2:53:e6:b6:91:c0:bd:9c:
+    c6:a8:8c:bf:a0:d4:b6:86:37:50:f9:69:78:95:bd:
+    83:6f:5e:64:1a:b7:75:31:2c:a2:c5:c9:b7:b7:80:
+    c4:61:ac:fd:f7:c7:88:71:bf
 exponent1:
-    00:b2:c8:27:4d:f0:a6:f3:41:40:60:00:23:83:e5:
-    f8:08:ed:50:ee:b7:cd:5d:05:5d:a4:ba:67:94:17:
-    ca:28:e1:5a:a9:3a:93:ca:5d:86:2c:9e:8b:07:b6:
-    2d:d6:3e:bb:75:ff:17:5b:6c:a5:21:bf:37:1e:93:
-    52:07:b2:74:11
+    3c:63:9c:9a:ed:2c:1f:9f:10:0c:dc:73:c6:c8:c7:
+    92:f7:0a:e1:09:57:33:9f:37:49:91:48:cd:0a:5e:
+    c6:f6:34:75:d9:10:62:ef:8e:49:60:4c:94:4b:2b:
+    53:13:99:85:0c:2d:e5:5e:b3:bf:68:d9:63:03:2a:
+    3b:dd:4f:7d:0e:c9:2c:7c:cd:26:9b:34:9e:9b:80:
+    3b:7f:aa:a3:90:b0:98:74:d3:0a:31:19:b9:9e:83:
+    68:e4:60:14:5f:fa:22:ea:3c:48:4f:1b:ce:9c:4b:
+    62:72:cc:99:d2:42:f6:fc:47:0b:15:79:64:d0:b5:
+    a5:59:85:e4:c7:64:c8:c9
 exponent2:
-    63:f3:51:e7:76:38:1e:da:65:05:e7:d9:51:d1:b1:
-    9e:c4:94:06:34:14:c3:81:48:97:d6:34:08:38:f0:
-    7c:3c:b3:7a:4e:4a:9d:74:ab:c3:39:3b:fc:ed:f6:
-    17:cd:d5:f4:c3:7b:61:64:35:42:24:06:26:bb:f6:
-    87:63:c1:d1
+    00:d5:ba:32:58:d5:cf:6c:0c:94:9c:26:f7:c3:c7:
+    c2:1b:44:32:45:39:b4:0d:92:ba:4b:dd:38:69:8b:
+    8c:42:04:01:6a:f2:03:4b:d9:4b:fc:aa:80:85:bb:
+    5d:da:f2:bd:66:c5:19:f4:d9:db:6c:81:fd:9f:1c:
+    d9:54:fe:f0:e4:ce:27:b6:37:94:7f:0a:d7:c8:70:
+    48:ac:63:1d:c9:7c:63:ad:33:8d:7d:eb:0a:87:17:
+    a7:72:d0:d4:b4:e8:31:bc:27:86:ae:b5:81:82:46:
+    0a:89:bc:7c:87:ed:1d:61:ec:72:40:41:82:91:55:
+    f5:85:f8:0d:35:b7:09:66:c7
 coefficient:
-    00:8a:5b:12:c8:57:3c:1e:95:32:eb:5e:e3:92:50:
-    2c:7b:6a:02:a4:18:48:30:cc:23:9f:79:91:dd:56:
-    e8:ae:f7:93:47:ed:a6:26:35:6b:aa:7c:2c:f2:36:
-    01:33:f3:0f:df:50:c9:c8:0a:e7:6e:ec:ba:54:a0:
-    8d:0f:09:40:fd
+    3d:9b:b0:01:4b:43:c3:bf:50:86:d8:c8:52:d4:4d:
+    7a:05:40:2d:20:50:d4:4a:a9:33:a3:b8:d1:fc:6b:
+    eb:be:c9:df:44:f7:70:51:05:d8:58:d2:a0:d8:e0:
+    36:fc:56:43:25:0f:2a:b6:41:a2:25:99:01:8b:d5:
+    93:f4:d6:04:ae:4f:40:44:f6:f2:85:a8:9f:35:99:
+    63:9d:ef:f9:f5:3e:5d:07:3c:96:23:a6:26:8c:28:
+    d1:60:cd:13:18:3b:41:e9:30:31:83:50:73:91:ba:
+    5a:a3:69:d1:6e:a8:40:f2:72:df:e8:88:73:9c:a7:
+    ce:e7:9f:11:97:e5:04:6d
 -----BEGIN RSA PRIVATE KEY-----
-MIICXQIBAAKBgQDBXl0mrnMXWnA3rEIlygUQhhcjbCiESCpK1LA6Ktgzrlhnb5tP
-prSHsew3AGmN1c9xipbhSvjIgTb5Q63Y1naDJ5mkSBfC75wiQEvGWCGI5R03eU66
-MeZS7Iwj7dbOO1itgseuKEfU58wxrHjJAofQsZEJ9h6aw0/2Wv6iIQ7AlQIDAQAB
-AoGAYFu3q5ju/Uox9Ww/ojkjgPJxAVPadODJQnTuRG4pQse0ggbZrD10ZNJC1b28
-29MaBoh7W1VS2Aeb72bMcOueLit+wTSEmoM0snDGWXJgoPT12fJ2rr99IzXurbEt
-wf4FfVt/LNqH7G6wowjJveUwpMJublDAXjH2M++GV2RFt8ECQQDh1geMxk2Q+tZA
-mh/lNFAWcp9bg8Fg1XM5wsbsOu0k/qpdFhS6haR9WpToY/ndJagsa8p8Q8epkq41
-XIVHnlHpAkEA2zIuWeoig87T1XvLuYG5wk5bCKuPZiE0VWFQVwJe0tkJjTmBhc1M
-CPOxGrW0DDt3XsHglfGYxvVYiEJQsMNBzQJBALLIJ03wpvNBQGAAI4Pl+AjtUO63
-zV0FXaS6Z5QXyijhWqk6k8pdhiyeiwe2LdY+u3X/F1tspSG/Nx6TUgeydBECQGPz
-Ued2OB7aZQXn2VHRsZ7ElAY0FMOBSJfWNAg48Hw8s3pOSp10q8M5O/zt9hfN1fTD
-e2FkNUIkBia79odjwdECQQCKWxLIVzwelTLrXuOSUCx7agKkGEgwzCOfeZHdVuiu
-95NH7aYmNWuqfCzyNgEz8w/fUMnICudu7LpUoI0PCUD9
+MIIEpAIBAAKCAQEA6hZMJnFWrDW7K/YbGFgWDxw5P00C5LKni73+mVfypagVAXkN
+HfbZEtvVJqL2WK9LLKpGelNjnx8anhz8mo4gyMjI201QjU4Zg6GdVEkmezrgdx19
+iAGARjJwRxYIcd4SlGf9cR9BVpMVkWi9BTtnlh96TdUetqxBH/DO0y2W2Xytzb6z
+MmYYAyyDmPHolm+FD+Efk9D5CUOMsepDJjKlxtIydS3tcp2/OrvzTtAMrLpr/X9m
+2BJATknn1OxwA3E3y17M00/z0sziOet5bHHl0Q5FTHo9bznoFufeYOsB54BOQh0c
+Mwrr+RAsXO0MWAuM/W30GUmKooGrBLDLemEf0wIDAQABAoIBAQC1hxEKhr3V0d0S
+HEmquTRyB0sFoazquPhgz7eOJruOZyfS+pKHeBOiIkPLMHilEVrUij8ZQW1xyecU
+Uho5qJoX2kyYc/5Rdg0nHL8qy4dB7MiA1qewPqnAxgB3v8hQtQvndjT98mTyxCDn
+oDdkxUpxCnwHu4uT0US3hkB9V08x25giIdXzsFdO9smkCEM92M5Zqqcf2pNAEc+M
+FJ3zEJ/PCtDPK7bq5TySn8JvJIZxFWFJe3dIwdITZxr3wIk9PYfPblzkRij+M4k8
+CfxQPLepJTzypaDh4JzRSj4RWxAaMynHygusv8K+kCcf79fSyl83s7O5OjWHvsrD
+91kD937xAoGBAPeDI0tvgq+2eg8fGgUh0aGE0Qck291knxaE68S/7M8vaZIhuIgF
+JIy8wdvQOFO/Q9xbXkJ7rd7WOgSepafwCy5OKiBvlX3wvv8SxvTSyjnhpck0WDs9
+QMGIY8PMhwIlcIhY3+y21gyeFS1X4TTpLqxRz8SD3bYRRCO4lVBsQK7tAoGBAPId
+TX/unqUPyXOlTf58CpSOxnfI7FPgA/VlQjlAJgJGjwU9ubryKYq0PGA3he7guuI1
+ab6ElVPz/bi5W1F2ECr4slRYq+WJGEbfCMBPV1bMHPJT5raRwL2cxqiMv6DUtoY3
+UPlpeJW9g29eZBq3dTEsosXJt7eAxGGs/ffHiHG/AoGAPGOcmu0sH58QDNxzxsjH
+kvcK4QlXM583SZFIzQpexvY0ddkQYu+OSWBMlEsrUxOZhQwt5V6zv2jZYwMqO91P
+fQ7JLHzNJps0npuAO3+qo5CwmHTTCjEZuZ6DaORgFF/6Iuo8SE8bzpxLYnLMmdJC
+9vxHCxV5ZNC1pVmF5MdkyMkCgYEA1boyWNXPbAyUnCb3w8fCG0QyRTm0DZK6S904
+aYuMQgQBavIDS9lL/KqAhbtd2vK9ZsUZ9NnbbIH9nxzZVP7w5M4ntjeUfwrXyHBI
+rGMdyXxjrTONfesKhxenctDUtOgxvCeGrrWBgkYKibx8h+0dYexyQEGCkVX1hfgN
+NbcJZscCgYA9m7ABS0PDv1CG2MhS1E16BUAtIFDUSqkzo7jR/GvrvsnfRPdwUQXY
+WNKg2OA2/FZDJQ8qtkGiJZkBi9WT9NYErk9ARPbyhaifNZljne/59T5dBzyWI6Ym
+jCjRYM0TGDtB6TAxg1Bzkbpao2nRbqhA8nLf6IhznKfO558Rl+UEbQ==
 -----END RSA PRIVATE KEY-----

data/spec/fixtures/ssl/unknown-ca.pem

@@ -6,21 +6,30 @@ Certificate:
         Issuer: CN=Unknown CA
         Validity
             Not Before: Jan  1 00:00:00 1970 GMT
-            Not After : Mar 10 06:54:16 2030 GMT
+            Not After : Apr 18 18:46:23 2031 GMT
         Subject: CN=Unknown CA
         Subject Public Key Info:
             Public Key Algorithm: rsaEncryption
-                RSA Public-Key: (1024 bit)
+                RSA Public-Key: (2048 bit)
                 Modulus:
-                    00:c1:5e:5d:26:ae:73:17:5a:70:37:ac:42:25:ca:
-                    05:10:86:17:23:6c:28:84:48:2a:4a:d4:b0:3a:2a:
-                    d8:33:ae:58:67:6f:9b:4f:a6:b4:87:b1:ec:37:00:
-                    69:8d:d5:cf:71:8a:96:e1:4a:f8:c8:81:36:f9:43:
-                    ad:d8:d6:76:83:27:99:a4:48:17:c2:ef:9c:22:40:
-                    4b:c6:58:21:88:e5:1d:37:79:4e:ba:31:e6:52:ec:
-                    8c:23:ed:d6:ce:3b:58:ad:82:c7:ae:28:47:d4:e7:
-                    cc:31:ac:78:c9:02:87:d0:b1:91:09:f6:1e:9a:c3:
-                    4f:f6:5a:fe:a2:21:0e:c0:95
+                    00:ea:16:4c:26:71:56:ac:35:bb:2b:f6:1b:18:58:
+                    16:0f:1c:39:3f:4d:02:e4:b2:a7:8b:bd:fe:99:57:
+                    f2:a5:a8:15:01:79:0d:1d:f6:d9:12:db:d5:26:a2:
+                    f6:58:af:4b:2c:aa:46:7a:53:63:9f:1f:1a:9e:1c:
+                    fc:9a:8e:20:c8:c8:c8:db:4d:50:8d:4e:19:83:a1:
+                    9d:54:49:26:7b:3a:e0:77:1d:7d:88:01:80:46:32:
+                    70:47:16:08:71:de:12:94:67:fd:71:1f:41:56:93:
+                    15:91:68:bd:05:3b:67:96:1f:7a:4d:d5:1e:b6:ac:
+                    41:1f:f0:ce:d3:2d:96:d9:7c:ad:cd:be:b3:32:66:
+                    18:03:2c:83:98:f1:e8:96:6f:85:0f:e1:1f:93:d0:
+                    f9:09:43:8c:b1:ea:43:26:32:a5:c6:d2:32:75:2d:
+                    ed:72:9d:bf:3a:bb:f3:4e:d0:0c:ac:ba:6b:fd:7f:
+                    66:d8:12:40:4e:49:e7:d4:ec:70:03:71:37:cb:5e:
+                    cc:d3:4f:f3:d2:cc:e2:39:eb:79:6c:71:e5:d1:0e:
+                    45:4c:7a:3d:6f:39:e8:16:e7:de:60:eb:01:e7:80:
+                    4e:42:1d:1c:33:0a:eb:f9:10:2c:5c:ed:0c:58:0b:
+                    8c:fd:6d:f4:19:49:8a:a2:81:ab:04:b0:cb:7a:61:
+                    1f:d3
                 Exponent: 65537 (0x10001)
         X509v3 extensions:
             X509v3 Basic Constraints: critical
@@ -28,32 +37,45 @@ Certificate:
             X509v3 Key Usage: critical
                 Certificate Sign, CRL Sign
             X509v3 Subject Key Identifier: 
-                E9:58:70:FE:F1:C1:AA:5A:70:7A:C1:02:11:1D:9A:F4:60:4F:70:76
+                16:C5:98:B8:84:0B:0A:43:CB:5A:D2:E0:55:C0:64:AB:89:F8:50:FD
             Netscape Comment: 
                 Puppet Server Internal Certificate
             X509v3 Authority Key Identifier: 
-                keyid:E9:58:70:FE:F1:C1:AA:5A:70:7A:C1:02:11:1D:9A:F4:60:4F:70:76
+                keyid:16:C5:98:B8:84:0B:0A:43:CB:5A:D2:E0:55:C0:64:AB:89:F8:50:FD
 
     Signature Algorithm: sha256WithRSAEncryption
-         00:45:89:e8:68:a7:50:8c:92:84:3c:c4:e6:10:00:29:27:99:
-         c6:82:aa:aa:b5:0b:ef:97:58:bc:bb:e6:e7:93:7c:a7:ea:e5:
-         9a:61:1d:e3:4f:3f:f9:ac:c4:96:14:a5:1f:77:a6:01:dc:08:
-         15:9c:3f:66:29:92:80:49:e9:db:d9:22:fb:c3:86:bf:40:ab:
-         46:bf:c5:47:bb:c8:89:df:d4:ca:36:f5:08:c4:08:c6:0b:d6:
-         9e:8a:86:41:1e:7e:6f:a9:75:ef:8a:94:a9:fd:1a:9b:0f:55:
-         3a:55:e5:04:82:71:c3:47:78:62:8e:07:ed:dc:4e:ac:f9:33:
-         7b:27
+         7d:0b:a0:2e:d4:fb:6b:29:04:d6:86:4e:89:94:4c:b5:d4:f7:
+         79:5a:38:95:51:9a:80:03:82:93:c8:a7:4e:93:4a:4b:41:1a:
+         85:f3:46:57:e1:70:50:ad:bb:4e:b9:d6:0c:00:e5:9e:4c:f7:
+         26:3b:88:61:27:ad:fa:39:a7:36:e1:62:87:7a:dc:7d:f9:f6:
+         c1:ee:bc:db:f7:65:a1:b0:2a:06:ae:4b:cb:99:82:f5:8e:38:
+         51:ac:c9:92:33:b9:7b:50:8b:c6:72:36:d3:f2:73:7d:58:13:
+         00:21:4d:c6:70:9d:eb:70:58:bf:dc:34:94:7e:bc:ef:17:2d:
+         9d:00:bd:55:f9:48:11:c0:8f:88:ea:a8:7c:5d:fb:88:fd:8c:
+         b4:00:1d:61:a7:4b:2a:90:ef:96:c1:28:2a:a0:95:ad:bb:b3:
+         af:3a:d5:93:1c:54:d7:c5:5b:26:a3:24:87:df:bd:68:74:fa:
+         e6:07:4e:13:b9:5f:54:19:ae:da:00:8c:ca:d6:ff:b7:94:6b:
+         4f:ff:71:ca:2b:7d:ee:7e:32:ff:03:3e:60:a4:30:d4:7d:9c:
+         ab:97:0e:f7:80:ee:69:c0:28:a8:ec:6b:89:05:38:64:34:e8:
+         b2:e9:f3:a1:85:e7:3d:e1:64:3c:86:e4:fd:44:4f:3b:2a:f8:
+         d2:b4:93:22
 -----BEGIN CERTIFICATE-----
-MIICODCCAaGgAwIBAgIBADANBgkqhkiG9w0BAQsFADAVMRMwEQYDVQQDDApVbmtu
-b3duIENBMB4XDTcwMDEwMTAwMDAwMFoXDTMwMDMxMDA2NTQxNlowFTETMBEGA1UE
-AwwKVW5rbm93biBDQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAwV5dJq5z
-F1pwN6xCJcoFEIYXI2wohEgqStSwOirYM65YZ2+bT6a0h7HsNwBpjdXPcYqW4Ur4
-yIE2+UOt2NZ2gyeZpEgXwu+cIkBLxlghiOUdN3lOujHmUuyMI+3WzjtYrYLHrihH
-1OfMMax4yQKH0LGRCfYemsNP9lr+oiEOwJUCAwEAAaOBlzCBlDAPBgNVHRMBAf8E
-BTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQU6Vhw/vHBqlpwesECER2a
-9GBPcHYwMQYJYIZIAYb4QgENBCQWIlB1cHBldCBTZXJ2ZXIgSW50ZXJuYWwgQ2Vy
-dGlmaWNhdGUwHwYDVR0jBBgwFoAU6Vhw/vHBqlpwesECER2a9GBPcHYwDQYJKoZI
-hvcNAQELBQADgYEAAEWJ6GinUIyShDzE5hAAKSeZxoKqqrUL75dYvLvm55N8p+rl
-mmEd408/+azElhSlH3emAdwIFZw/ZimSgEnp29ki+8OGv0CrRr/FR7vIid/Uyjb1
-CMQIxgvWnoqGQR5+b6l174qUqf0amw9VOlXlBIJxw0d4Yo4H7dxOrPkzeyc=
+MIIDPTCCAiWgAwIBAgIBADANBgkqhkiG9w0BAQsFADAVMRMwEQYDVQQDDApVbmtu
+b3duIENBMB4XDTcwMDEwMTAwMDAwMFoXDTMxMDQxODE4NDYyM1owFTETMBEGA1UE
+AwwKVW5rbm93biBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOoW
+TCZxVqw1uyv2GxhYFg8cOT9NAuSyp4u9/plX8qWoFQF5DR322RLb1Sai9livSyyq
+RnpTY58fGp4c/JqOIMjIyNtNUI1OGYOhnVRJJns64HcdfYgBgEYycEcWCHHeEpRn
+/XEfQVaTFZFovQU7Z5Yfek3VHrasQR/wztMtltl8rc2+szJmGAMsg5jx6JZvhQ/h
+H5PQ+QlDjLHqQyYypcbSMnUt7XKdvzq7807QDKy6a/1/ZtgSQE5J59TscANxN8te
+zNNP89LM4jnreWxx5dEORUx6PW856Bbn3mDrAeeATkIdHDMK6/kQLFztDFgLjP1t
+9BlJiqKBqwSwy3phH9MCAwEAAaOBlzCBlDAPBgNVHRMBAf8EBTADAQH/MA4GA1Ud
+DwEB/wQEAwIBBjAdBgNVHQ4EFgQUFsWYuIQLCkPLWtLgVcBkq4n4UP0wMQYJYIZI
+AYb4QgENBCQWIlB1cHBldCBTZXJ2ZXIgSW50ZXJuYWwgQ2VydGlmaWNhdGUwHwYD
+VR0jBBgwFoAUFsWYuIQLCkPLWtLgVcBkq4n4UP0wDQYJKoZIhvcNAQELBQADggEB
+AH0LoC7U+2spBNaGTomUTLXU93laOJVRmoADgpPIp06TSktBGoXzRlfhcFCtu065
+1gwA5Z5M9yY7iGEnrfo5pzbhYod63H359sHuvNv3ZaGwKgauS8uZgvWOOFGsyZIz
+uXtQi8ZyNtPyc31YEwAhTcZwnetwWL/cNJR+vO8XLZ0AvVX5SBHAj4jqqHxd+4j9
+jLQAHWGnSyqQ75bBKCqgla27s6861ZMcVNfFWyajJIffvWh0+uYHThO5X1QZrtoA
+jMrW/7eUa0//ccorfe5+Mv8DPmCkMNR9nKuXDveA7mnAKKjsa4kFOGQ06LLp86GF
+5z3hZDyG5P1ETzsq+NK0kyI=
 -----END CERTIFICATE-----

data/spec/integration/application/resource_spec.rb

@@ -0,0 +1,30 @@
+require 'spec_helper'
+require 'puppet_spec/files'
+
+describe "puppet resource", unless: Puppet::Util::Platform.jruby? do
+  include PuppetSpec::Files
+
+  let(:resource) { Puppet::Application[:resource] }
+
+  describe "when handling file and tidy types" do
+    let!(:dir) { dir_containing('testdir', 'testfile' => 'contents') }
+
+    it 'does not raise when generating file resources' do
+      resource.command_line.args = ['file', dir, 'ensure=directory', 'recurse=true']
+
+      expect {
+        resource.run
+      }.to output(/ensure.+=> 'directory'/).to_stdout
+    end
+
+    it 'correctly cleans up a given path' do
+      resource.command_line.args = ['tidy', dir, 'rmdirs=true', 'recurse=true']
+
+      expect {
+        resource.run
+      }.to output(/Notice: \/File\[#{dir}\]\/ensure: removed/).to_stdout
+
+      expect(Puppet::FileSystem.exist?(dir)).to be false
+    end
+  end
+end

data/spec/lib/puppet/test_ca.rb

@@ -30,7 +30,7 @@ module Puppet
     end
 
     def create_request(name)
-      key = OpenSSL::PKey::RSA.new(1024)
+      key = OpenSSL::PKey::RSA.new(2048)
       csr = OpenSSL::X509::Request.new
       csr.public_key = key.public_key
       csr.subject = OpenSSL::X509::Name.new([["CN", name]])
@@ -127,7 +127,7 @@ module Puppet
       key = if opts[:key_type] == :ec
               key = OpenSSL::PKey::EC.generate('prime256v1')
             else
-              key = OpenSSL::PKey::RSA.new(1024)
+              key = OpenSSL::PKey::RSA.new(2048)
             end
       cert = OpenSSL::X509::Certificate.new
       cert.public_key = if key.is_a?(OpenSSL::PKey::EC)

data/spec/unit/application/agent_spec.rb

@@ -546,11 +546,16 @@ describe Puppet::Application::Agent do
         @puppetd.options[:digest] = :MD5
       end
 
+      def expected_fingerprint(name, x509)
+        digest = OpenSSL::Digest.new(name).hexdigest(x509.to_der)
+        digest.scan(/../).join(':').upcase
+      end
+
       it "should fingerprint the certificate if it exists" do
         cert = cert_fixture('signed.pem')
         allow_any_instance_of(Puppet::X509::CertProvider).to receive(:load_client_cert).and_return(cert)
 
-        expect(@puppetd).to receive(:puts).with('(MD5) E2:BA:9A:EF:20:A8:7D:10:8D:82:9A:61:5D:FD:5B:33')
+        expect(@puppetd).to receive(:puts).with("(MD5) #{expected_fingerprint('md5', cert)}")
 
         @puppetd.fingerprint
       end
@@ -560,7 +565,7 @@ describe Puppet::Application::Agent do
         allow_any_instance_of(Puppet::X509::CertProvider).to receive(:load_client_cert).and_return(nil)
         allow_any_instance_of(Puppet::X509::CertProvider).to receive(:load_request).and_return(request)
 
-        expect(@puppetd).to receive(:puts).with('(MD5) B8:4C:FB:31:AE:17:86:E3:AD:53:97:CA:F6:3C:4A:CB')
+        expect(@puppetd).to receive(:puts).with("(MD5) #{expected_fingerprint('md5', request)}")
 
         @puppetd.fingerprint
       end