diff --git a/spec/unit/sslcertificates/ca_spec.rb b/spec/unit/sslcertificates/ca_spec.rb
new file mode 100644
index 000000000..aa7e25ff3
--- /dev/null
+++ b/spec/unit/sslcertificates/ca_spec.rb
@@ -0,0 +1,99 @@
+#!/usr/bin/env ruby
+
+require File.dirname(__FILE__) + '/../../spec_helper'
+require 'puppet'
+require 'puppet/sslcertificates'
+require 'puppet/sslcertificates/ca'
+
+describe Puppet::SSLCertificates::CA do
+  before :all do
+    @hosts = %w{host.domain.com Other.Testing.Com}
+  end
+
+  before :each do
+    Puppet::Util::SUIDManager.stubs(:asuser).yields
+    file = Tempfile.new("ca_testing")
+    @dir = file.path
+    file.delete
+
+    Puppet.settings[:confdir] = @dir
+    Puppet.settings[:vardir]  = @dir
+
+    @ca = Puppet::SSLCertificates::CA.new
+  end
+
+  after :each do
+    system("rm -rf #{@dir}")
+  end
+
+  describe 'when cleaning' do
+    it 'should remove associated files' do
+      dirs = [:csrdir, :signeddir, :publickeydir, :privatekeydir, :certdir]
+
+      @hosts.each do |host|
+        files = []
+        dirs.each do |dir|
+          dir = Puppet[dir]
+
+          # Case insensitivity is handled through downcasing
+          file = File.join(dir, host.downcase + '.pem')
+
+          File.open(file, "w") do |f|
+            f.puts "testing"
+          end
+
+          files << file
+        end
+
+        lambda { @ca.clean(host) }.should_not raise_error
+
+        files.reject {|f| ! File.exists?(f)}.should be_empty
+      end
+    end
+  end
+
+  describe 'when mapping hosts to files' do
+    it 'should correctly return the certfile' do
+      @hosts.each do |host|
+        value = nil
+        lambda { value = @ca.host2certfile host }.should_not raise_error
+
+        File.join(Puppet[:signeddir], host.downcase + '.pem').should == value
+      end
+    end
+
+    it 'should correctly return the csrfile' do
+      @hosts.each do |host|
+        value = nil
+        lambda { value = @ca.host2csrfile host }.should_not raise_error
+
+        File.join(Puppet[:csrdir], host.downcase + '.pem').should == value
+      end
+    end
+  end
+
+  describe 'when listing' do
+    it 'should find all csr' do
+      list = []
+
+      # Make some fake CSRs
+      @hosts.each do |host|
+        file = File.join(Puppet[:csrdir], host.downcase + '.pem')
+        File.open(file, 'w') { |f| f.puts "yay" }
+        list << host.downcase
+      end
+
+      @ca.list.sort.should == list.sort
+    end
+  end
+
+  describe 'when creating a root certificate' do
+    before :each do
+      lambda { @ca.mkrootcert }.should_not raise_exception
+    end
+
+    it 'should store the public key' do
+      File.exists?(Puppet[:capub]).should be_true
+    end
+  end
+end
diff --git a/test/certmgr/ca.rb b/test/certmgr/ca.rb
deleted file mode 100755
index 7e0498dfb..000000000
--- a/test/certmgr/ca.rb
+++ /dev/null
@@ -1,87 +0,0 @@
-#!/usr/bin/env ruby
-
-require File.dirname(__FILE__) + '/../lib/puppettest'
-
-require 'puppet'
-require 'puppet/sslcertificates/ca.rb'
-require 'puppettest'
-require 'puppettest/certificates'
-require 'mocha'
-
-class TestCA < Test::Unit::TestCase
-  include PuppetTest
-
-  def setup
-    super
-    Puppet::Util::SUIDManager.stubs(:asuser).yields
-  end
-
-  def hosts
-    %w{host.domain.com Other.Testing.Com}
-  end
-  def mkca
-    Puppet::SSLCertificates::CA.new
-  end
-
-  def test_clean
-    dirs = [:csrdir, :signeddir, :publickeydir, :privatekeydir, :certdir]
-    ca = mkca
-
-    hosts.each do |host|
-      files = []
-      dirs.each do |dir|
-        dir = Puppet[dir]
-        # We handle case insensitivity through downcasing
-        file = File.join(dir, host.downcase + ".pem")
-        File.open(file, "w") do |f|
-          f.puts "testing"
-        end
-        files << file
-      end
-      assert_nothing_raised do
-        ca.clean(host)
-      end
-      files.each do |f|
-        assert(! FileTest.exists?(f), "File #{f} was not deleted")
-      end
-    end
-  end
-
-  def test_host2Xfile
-    ca = mkca
-    hosts.each do |host|
-      {:signeddir => :host2certfile, :csrdir => :host2csrfile}.each do |dir, method|
-        val = nil
-        assert_nothing_raised do
-          val = ca.send(method, host)
-        end
-        assert_equal(File.join(Puppet[dir], host.downcase + ".pem"), val,
-          "incorrect response from #{method}")
-      end
-    end
-  end
-
-  def test_list
-    ca = mkca
-    # Make a fake csr
-    dir = Puppet[:csrdir]
-    list = []
-    hosts.each do |host|
-      file = File.join(dir, host.downcase + ".pem")
-      File.open(file, "w") { |f| f.puts "yay" }
-      list << host.downcase
-    end
-
-    assert_equal(list.sort, ca.list.sort, "list was not correct")
-  end
-
-  # #142 - test storing the public key
-  def test_store_public_key
-    ca = mkca
-    assert_nothing_raised do
-      ca.mkrootcert
-    end
-    assert(FileTest.exists?(Puppet[:capub]), "did not store public key")
-  end
-end
-