diff --git a/bin/puppetmasterd b/bin/puppetmasterd
index 11b0d7fd0..57fc4bdb4 100755
--- a/bin/puppetmasterd
+++ b/bin/puppetmasterd
@@ -176,9 +176,13 @@ require 'puppet/file_serving/content'
 require 'puppet/file_serving/metadata'
 require 'puppet/checksum'
 
-xmlrpc_handlers = [:Status, :FileServer, :Master, :Report, :CA, :Filebucket]
+xmlrpc_handlers = [:Status, :FileServer, :Master, :Report, :Filebucket]
 rest_handlers = [:file_content, :file_metadata, :certificate, :facts, :catalog, :report, :checksum]
 
+if Puppet[:ca]
+    xmlrpc_handlers << :CA
+end
+
 server = Puppet::Network::Server.new(:handlers => rest_handlers, :xmlrpc_handlers => xmlrpc_handlers)
 
 if Process.uid == 0
diff --git a/lib/puppet/network/http/webrick.rb b/lib/puppet/network/http/webrick.rb
index 30085ec47..3e7a28598 100644
--- a/lib/puppet/network/http/webrick.rb
+++ b/lib/puppet/network/http/webrick.rb
@@ -91,7 +91,7 @@ class Puppet::Network::HTTP::WEBrick
 
         host = Puppet::SSL::Host.new
 
-        host.generate unless host.key
+        host.generate unless host.certificate
 
         raise Puppet::Error, "Could not retrieve certificate for %s and not running on a valid certificate authority" % host.name unless host.certificate
 
diff --git a/spec/unit/network/http/webrick.rb b/spec/unit/network/http/webrick.rb
index 6bd3c2785..58b0d9a3d 100644
--- a/spec/unit/network/http/webrick.rb
+++ b/spec/unit/network/http/webrick.rb
@@ -303,25 +303,19 @@ describe Puppet::Network::HTTP::WEBrick do
 
         it "should use the key from an SSL::Host instance created with the default name" do
             Puppet::SSL::Host.expects(:new).returns @host
-            @host.expects(:key).returns "mykey"
+            @host.expects(:key).returns @key
 
             @server.setup_ssl[:SSLPrivateKey].should == "mykey"
         end
 
-        it "should generate a key if no key can be found" do
-            @host.expects(:key).times(2).returns(nil).then.returns(@key)
+        it "should generate its files if no certificate can be found" do
+            @host.expects(:certificate).times(2).returns(nil).then.returns(@cert)
 
             @host.expects(:generate)
 
             @server.setup_ssl
         end
 
-        it "should fail if no certificate can be found" do
-            @host.expects(:certificate).returns nil
-
-            lambda { @server.setup_ssl }.should raise_error(Puppet::Error)
-        end
-
         it "should configure the certificate" do
             @server.setup_ssl[:SSLCertificate].should == "mycert"
         end