1 files changed, 10 insertions, 33 deletions

diff --git a/spec/unit/ssl/host_spec.rb b/spec/unit/ssl/host_spec.rb
index dd6434359..3f94407be 100755
--- a/spec/unit/ssl/host_spec.rb
+++ b/spec/unit/ssl/host_spec.rb
@@ -182,57 +182,48 @@ describe Puppet::SSL::Host do
   it "should cache the localhost instance" do
     host = stub 'host', :certificate => "eh", :key => 'foo'
     Puppet::SSL::Host.expects(:new).once.returns host
-
     Puppet::SSL::Host.localhost.should == Puppet::SSL::Host.localhost
   end
 
   it "should be able to verify its certificate matches its key" do
-    Puppet::SSL::Host.new("foo").should respond_to(:certificate_matches_key?)
+    Puppet::SSL::Host.new("foo").should respond_to(:validate_certificate_with_key)
   end
 
   it "should consider the certificate invalid if it cannot find a key" do
     host = Puppet::SSL::Host.new("foo")
+    certificate = mock('cert', :fingerprint => 'DEADBEEF')
+    host.expects(:certificate).twice.returns certificate
     host.expects(:key).returns nil
-
-    host.should_not be_certificate_matches_key
+    lambda { host.validate_certificate_with_key }.should raise_error(Puppet::Error, "No private key with which to validate certificate with fingerprint: DEADBEEF")
   end
 
   it "should consider the certificate invalid if it cannot find a certificate" do
     host = Puppet::SSL::Host.new("foo")
-    host.expects(:key).returns mock("key")
+    host.expects(:key).never
     host.expects(:certificate).returns nil
-
-    host.should_not be_certificate_matches_key
+    lambda { host.validate_certificate_with_key }.should raise_error(Puppet::Error, "No certificate to validate.")
   end
 
   it "should consider the certificate invalid if the SSL certificate's key verification fails" do
     host = Puppet::SSL::Host.new("foo")
-
     key = mock 'key', :content => "private_key"
     sslcert = mock 'sslcert'
-    certificate = mock 'cert', :content => sslcert
-
+    certificate = mock 'cert', {:content => sslcert, :fingerprint => 'DEADBEEF'}
     host.stubs(:key).returns key
     host.stubs(:certificate).returns certificate
-
     sslcert.expects(:check_private_key).with("private_key").returns false
-
-    host.should_not be_certificate_matches_key
+    lambda { host.validate_certificate_with_key }.should raise_error(Puppet::Error, /DEADBEEF/)
   end
 
   it "should consider the certificate valid if the SSL certificate's key verification succeeds" do
     host = Puppet::SSL::Host.new("foo")
-
     key = mock 'key', :content => "private_key"
     sslcert = mock 'sslcert'
     certificate = mock 'cert', :content => sslcert
-
     host.stubs(:key).returns key
     host.stubs(:certificate).returns certificate
-
     sslcert.expects(:check_private_key).with("private_key").returns true
-
-    host.should be_certificate_matches_key
+    lambda{ host.validate_certificate_with_key }.should_not raise_error
   end
 
   describe "when specifying the CA location" do
@@ -511,15 +502,13 @@ describe Puppet::SSL::Host do
     before do
       @realcert = mock 'certificate'
       @cert = stub 'cert', :content => @realcert
-
       @host.stubs(:key).returns mock("key")
-      @host.stubs(:certificate_matches_key?).returns true
+      @host.stubs(:validate_certificate_with_key)
     end
 
     it "should find the CA certificate if it does not have a certificate" do
       Puppet::SSL::Certificate.indirection.expects(:find).with(Puppet::SSL::CA_NAME).returns mock("cacert")
       Puppet::SSL::Certificate.indirection.stubs(:find).with("myname").returns @cert
-
       @host.certificate
     end
 
@@ -541,34 +530,22 @@ describe Puppet::SSL::Host do
     it "should find the key if it does not have one" do
       Puppet::SSL::Certificate.indirection.stubs(:find)
       @host.expects(:key).returns mock("key")
-
       @host.certificate
     end
 
     it "should generate the key if one cannot be found" do
       Puppet::SSL::Certificate.indirection.stubs(:find)
-
       @host.expects(:key).returns nil
       @host.expects(:generate_key)
-
       @host.certificate
     end
 
     it "should find the certificate in the Certificate class and return the Puppet certificate instance" do
       Puppet::SSL::Certificate.indirection.expects(:find).with(Puppet::SSL::CA_NAME).returns mock("cacert")
       Puppet::SSL::Certificate.indirection.expects(:find).with("myname").returns @cert
-
       @host.certificate.should equal(@cert)
     end
 
-    it "should fail if the found certificate does not match the private key" do
-      @host.expects(:certificate_matches_key?).returns false
-
-      Puppet::SSL::Certificate.indirection.stubs(:find).returns @cert
-
-      lambda { @host.certificate }.should raise_error(Puppet::Error)
-    end
-
     it "should return any previously found certificate" do
       Puppet::SSL::Certificate.indirection.expects(:find).with(Puppet::SSL::CA_NAME).returns mock("cacert")
       Puppet::SSL::Certificate.indirection.expects(:find).with("myname").returns(@cert).once