lib/puppet/ssl/certificate_authority.rb in puppet-3.1.0.rc1 vs lib/puppet/ssl/certificate_authority.rb in puppet-3.1.0.rc2

@@ -1,8 +1,9 @@
 require 'monitor'
 require 'puppet/ssl/host'
 require 'puppet/ssl/certificate_request'
+require 'puppet/ssl/certificate_signer'
 require 'puppet/util'
 
 # The class that knows how to sign certificates.  It creates
 # a 'special' SSL::Host whose name is 'ca', thus indicating
 # that, well, it's the CA.  There's some magic in the
@@ -275,10 +276,12 @@
     end
 
     cert = Puppet::SSL::Certificate.new(hostname)
     cert.content = Puppet::SSL::CertificateFactory.
       build(cert_type, csr, issuer, next_serial)
-    cert.content.sign(host.key.content, OpenSSL::Digest::SHA256.new)
+
+    signer = Puppet::SSL::CertificateSigner.new
+    signer.sign(cert.content, host.key.content)
 
     Puppet.notice "Signed certificate request for #{hostname}"
 
     # Add the cert to the inventory before we save it, since
     # otherwise we could end up with it being duplicated, if