Client metadata copy -- cannot assign public key?

Has anyone tried this before? We have a small tool that does this:

    when 'client'
      dest = klass.json_create(source.to_hash)

Where klass is Chef::ApiClient and source and dest are related to different chef servers.

This doesn’t work because the #save method in Chef::ApiClient doesn’t transmit any keys by default, and so they are generated as the underlying REST interface doesn’t supply them.

What also doesn’t work is this:

r.post_rest(“client”, { :name =>, :admin => source.admin, :public_key => source.public_key})

Where r is a Chef::REST object (creating the client with the public_key pre-seeded)

In the former case it regenerates the public key (looked at the code; makes sense but cannot override that function). In the latter case it returns 403 Forbidden.

All of my source dives have been against 0.10.9 so I’m sure we’re running the latest functionality.

Is this a restriction on the chef server that I’ve overlooked, or am I doing something wrong here? And if it is a restriction, is there a good reason for it that I’m missing?

Any help would be greatly appreciated.