def self.handle_existing_puppet_certs
ssldir = ::Utils.puppet_info[:config]['ssldir']
certs_exist = !Dir.glob(File.join(ssldir, '**', '*.pem')).empty?
rm_ssldir = @remove_ssldir
if rm_ssldir.nil?
if certs_exist
info('Existing puppetserver certificates have been found in')
info(" #{ssldir}" )
info('If this server has no registered agents, those certificates can be safely removed.')
info('Otherwise, although removing them will ensure consistency, manual')
info('steps may be required to ensure connectivity with existing Puppet clients.')
info('(See https://docs.puppet.com/puppet/latest/ssl_regenerate_certificates.html)')
info('Regardless, if removed, new puppetserver certificates will be generated')
info('automatically.')
question = "> Do you wish to remove existing puppetserver certificates? (yes|no) "
rm_ask = ask(question.yellow) { |q| q.validate = /(yes)|(no)/i }
rm_ssldir = (rm_ask.downcase == 'yes')
end
end
if rm_ssldir
FileUtils.rm_rf(Dir.glob(File.join(ssldir,'*')))
info("Successfully removed #{ssldir}/*", 'green')
else
info("Keeping current puppetserver certificates, in #{ssldir}", 'green') if certs_exist
end
end