diff --git a/ca/ocsp.go b/ca/ocsp.go
index b90b48e6a..c829d6784 100644
--- a/ca/ocsp.go
+++ b/ca/ocsp.go
@@ -271,35 +271,9 @@ func (olq *ocspLogQueue) stop() {
 	olq.wg.Wait()
 }
 
-// disabledOCSPImpl implements the capb.OCSPGeneratorServer interface, but
-// returns an error for all gRPC methods. This is only used to replace a real
-// impl when the OCSPGenerator service is disabled.
-// TODO(#6448): Remove this.
-type disabledOCSPImpl struct {
-	capb.UnimplementedOCSPGeneratorServer
-}
-
-// NewDisabledOCSPImpl returns an object which implements the
-// capb.OCSPGeneratorServer interface, but always returns errors.
-func NewDisabledOCSPImpl() *disabledOCSPImpl {
-	return &disabledOCSPImpl{}
-}
-
-// GenerateOCSP always returns an error because the service is disabled.
-func (oi *disabledOCSPImpl) GenerateOCSP(ctx context.Context, req *capb.GenerateOCSPRequest) (*capb.OCSPResponse, error) {
-	return nil, errors.New("the OCSPGenerator gRPC service is disabled")
-}
-
-// LogOCSPLoop is an no-op because there is no OCSP issuance to be logged.
-func (oi *disabledOCSPImpl) LogOCSPLoop() {}
-
-// Stop is a no-op because there is no log loop to be stopped.
-func (oi *disabledOCSPImpl) Stop() {}
-
-// OCSPGenerator is an interface met by both the ocspImpl and disabledOCSPImpl
-// types. It exists only so that the caImpl can equivalently consume either
-// type, depending on whether or not the OCSP Generator service is disabled.
-// TODO(#6448): Remove this.
+// OCSPGenerator is an interface which exposes both the auto-generated gRPC
+// methods and our special-purpose log queue start and stop methods, so that
+// they can be called from main without exporting the ocspImpl type.
 type OCSPGenerator interface {
 	capb.OCSPGeneratorServer
 	LogOCSPLoop()
diff --git a/cmd/boulder-ca/main.go b/cmd/boulder-ca/main.go
index 0164738e3..0b4973b8e 100644
--- a/cmd/boulder-ca/main.go
+++ b/cmd/boulder-ca/main.go
@@ -29,9 +29,6 @@ type Config struct {
 		cmd.HostnamePolicyConfig
 
 		GRPCCA *cmd.GRPCServerConfig
-		// TODO(#6448): Remove these deprecated server configs.
-		GRPCOCSPGenerator *cmd.GRPCServerConfig
-		GRPCCRLGenerator  *cmd.GRPCServerConfig
 
 		SAService *cmd.GRPCClientConfig
 
@@ -148,9 +145,6 @@ func main() {
 	caAddr := flag.String("ca-addr", "", "CA gRPC listen address override")
 	debugAddr := flag.String("debug-addr", "", "Debug server address override")
 	configFile := flag.String("config", "", "File path to the configuration file for this service")
-	// TODO(#6448): Remove these deprecated ocsp and crl addr flags.
-	_ = flag.String("ocsp-addr", "", "OCSP gRPC listen address override")
-	_ = flag.String("crl-addr", "", "CRL gRPC listen address override")
 	flag.Parse()
 	if *configFile == "" {
 		flag.Usage()
@@ -255,7 +249,7 @@ func main() {
 
 	srv := bgrpc.NewServer(c.CA.GRPCCA)
 
-	// TODO(#6448): Remove this predeclaration when NewCertificateAuthorityImpl
+	// TODO(#6285): Remove this predeclaration when NewCertificateAuthorityImpl
 	// no longer needs ocspi as an argument.
 	var ocspi ca.OCSPGenerator
 	if !c.CA.DisableOCSPService {
diff --git a/test/config/ca-a.json b/test/config/ca-a.json
index d26336643..8ccb030ce 100644
--- a/test/config/ca-a.json
+++ b/test/config/ca-a.json
@@ -34,39 +34,6 @@
 				}
 			}
 		},
-		"grpcOCSPGenerator": {
-			"maxConnectionAge": "30s",
-			"address": ":9096",
-			"services": {
-				"ca.OCSPGenerator": {
-					"clientNames": [
-						"orphan-finder.boulder",
-						"ra.boulder"
-					]
-				},
-				"grpc.health.v1.Health": {
-					"clientNames": [
-						"health-checker.boulder"
-					]
-				}
-			}
-		},
-		"grpcCRLGenerator": {
-			"maxConnectionAge": "30s",
-			"address": ":9106",
-			"services": {
-				"ca.CRLGenerator": {
-					"clientNames": [
-						"crl-updater.boulder"
-					]
-				},
-				"grpc.health.v1.Health": {
-					"clientNames": [
-						"health-checker.boulder"
-					]
-				}
-			}
-		},
 		"saService": {
 			"serverAddress": "sa.service.consul:9095",
 			"timeout": "15s",
diff --git a/test/config/ca-b.json b/test/config/ca-b.json
index a2cb52d72..c0c22d383 100644
--- a/test/config/ca-b.json
+++ b/test/config/ca-b.json
@@ -34,39 +34,6 @@
 				}
 			}
 		},
-		"grpcOCSPGenerator": {
-			"maxConnectionAge": "30s",
-			"address": ":9096",
-			"services": {
-				"ca.OCSPGenerator": {
-					"clientNames": [
-						"orphan-finder.boulder",
-						"ra.boulder"
-					]
-				},
-				"grpc.health.v1.Health": {
-					"clientNames": [
-						"health-checker.boulder"
-					]
-				}
-			}
-		},
-		"grpcCRLGenerator": {
-			"maxConnectionAge": "30s",
-			"address": ":9106",
-			"services": {
-				"ca.CRLGenerator": {
-					"clientNames": [
-						"crl-updater.boulder"
-					]
-				},
-				"grpc.health.v1.Health": {
-					"clientNames": [
-						"health-checker.boulder"
-					]
-				}
-			}
-		},
 		"saService": {
 			"serverAddress": "sa.service.consul:9095",
 			"timeout": "15s",
diff --git a/test/consul/config.hcl b/test/consul/config.hcl
index 736fd111a..c9b558411 100644
--- a/test/consul/config.hcl
+++ b/test/consul/config.hcl
@@ -68,38 +68,6 @@ services {
   tags    = ["tcp"] // Required for SRV RR support in gRPC DNS resolution.
 }
 
-services {
-  id      = "ca-ocsp-a"
-  name    = "ca-ocsp"
-  address = "10.77.77.77"
-  port    = 9096
-  tags    = ["tcp"] // Required for SRV RR support in gRPC DNS resolution.
-}
-
-services {
-  id      = "ca-ocsp-b"
-  name    = "ca-ocsp"
-  address = "10.88.88.88"
-  port    = 9096
-  tags    = ["tcp"] // Required for SRV RR support in gRPC DNS resolution.
-}
-
-services {
-  id      = "ca-crl-a"
-  name    = "ca-crl"
-  address = "10.77.77.77"
-  port    = 9106
-  tags    = ["tcp"] // Required for SRV RR support in gRPC DNS resolution.
-}
-
-services {
-  id      = "ca-crl-b"
-  name    = "ca-crl"
-  address = "10.88.88.88"
-  port    = 9106
-  tags    = ["tcp"] // Required for SRV RR support in gRPC DNS resolution.
-}
-
 services {
   id      = "crl-storer-a"
   name    = "crl-storer"
diff --git a/test/startservers.py b/test/startservers.py
index a85339777..3f6c0cd20 100644
--- a/test/startservers.py
+++ b/test/startservers.py
@@ -59,11 +59,11 @@ SERVICES = (
         ('boulder-remoteva-a', 'boulder-remoteva-b')),
     Service('boulder-ca-a',
         8001, 'ca1.service.consul:9093',
-        ('./bin/boulder', 'boulder-ca', '--config', os.path.join(config_dir, 'ca-a.json'), '--ca-addr', 'ca1.service.consul:9093', '--ocsp-addr', 'ca1.service.consul:9096', '--crl-addr', 'ca1.service.consul:9106', '--debug-addr', ':8001'),
+        ('./bin/boulder', 'boulder-ca', '--config', os.path.join(config_dir, 'ca-a.json'), '--ca-addr', 'ca1.service.consul:9093', '--debug-addr', ':8001'),
         ('boulder-sa-1', 'boulder-sa-2')),
     Service('boulder-ca-b',
         8101, 'ca2.service.consul:9093',
-        ('./bin/boulder', 'boulder-ca', '--config', os.path.join(config_dir, 'ca-b.json'), '--ca-addr', 'ca2.service.consul:9093', '--ocsp-addr', 'ca2.service.consul:9096', '--crl-addr', 'ca2.service.consul:9106', '--debug-addr', ':8101'),
+        ('./bin/boulder', 'boulder-ca', '--config', os.path.join(config_dir, 'ca-b.json'), '--ca-addr', 'ca2.service.consul:9093', '--debug-addr', ':8101'),
         ('boulder-sa-1', 'boulder-sa-2')),
     Service('akamai-test-srv',
         6789, None,