{ "syslog": { "network": "", "server": "", "stdoutlevel": 7, "sysloglevel": 4 }, "statsd": { "server": "localhost:8125", "prefix": "Boulder" }, "wfe": { "listenAddress": "0.0.0.0:4000", "allowOrigins": ["*"], "certCacheDuration": "6h", "certNoCacheExpirationWindow": "96h", "indexCacheDuration": "24h", "issuerCacheDuration": "48h", "shutdownStopTimeout": "10s", "shutdownKillTimeout": "1m", "debugAddr": "localhost:8000", "amqp": { "server": "amqp://guest:guest@localhost:5673", "insecure": true, "RA": { "server": "RA.server", "rpcTimeout": "15s" }, "SA": { "server": "SA.server", "rpcTimeout": "15s" } } }, "ca": { "serialPrefix": 255, "rsaProfile": "rsaEE", "ecdsaProfile": "ecdsaEE", "debugAddr": "localhost:8001", "Key": { "File": "test/test-ca.key" }, "expiry": "2160h", "lifespanOCSP": "96h", "maxNames": 1000, "doNotForceCN": true, "enableMustStaple": true, "hostnamePolicyFile": "test/hostname-policy.json", "cfssl": { "signing": { "profiles": { "rsaEE": { "usages": [ "digital signature", "key encipherment", "server auth", "client auth" ], "backdate": "1h", "is_ca": false, "issuer_urls": [ "http://127.0.0.1:4000/acme/issuer-cert" ], "ocsp_url": "http://127.0.0.1:4002/", "crl_url": "http://example.com/crl", "policies": [ { "ID": "2.23.140.1.2.1" }, { "ID": "1.2.3.4", "Qualifiers": [ { "type": "id-qt-cps", "value": "http://example.com/cps" }, { "type": "id-qt-unotice", "value": "Do What Thou Wilt" } ] } ], "expiry": "2160h", "CSRWhitelist": { "PublicKeyAlgorithm": true, "PublicKey": true, "SignatureAlgorithm": true }, "ClientProvidesSerialNumbers": true, "allowed_extensions": [ "1.3.6.1.5.5.7.1.24" ] }, "ecdsaEE": { "usages": [ "digital signature", "server auth", "client auth" ], "backdate": "1h", "is_ca": false, "issuer_urls": [ "http://127.0.0.1:4000/acme/issuer-cert" ], "ocsp_url": "http://127.0.0.1:4002/", "crl_url": "http://example.com/crl", "policies": [ { "ID": "2.23.140.1.2.1" }, { "ID": "1.2.3.4", "Qualifiers": [ { "type": "id-qt-cps", "value": "http://example.com/cps" }, { "type": "id-qt-unotice", "value": "Do What Thou Wilt" } ] } ], "expiry": "2160h", "CSRWhitelist": { "PublicKeyAlgorithm": true, "PublicKey": true, "SignatureAlgorithm": true }, "ClientProvidesSerialNumbers": true, "allowed_extensions": [ "1.3.6.1.5.5.7.1.24" ] } }, "default": { "usages": [ "digital signature" ], "expiry": "8760h" } } }, "maxConcurrentRPCServerRequests": 16, "publisherService": { "serverAddress": "boulder:9091", "serverIssuerPath": "test/grpc-creds/ca.pem", "clientCertificatePath": "test/grpc-creds/client.pem", "clientKeyPath": "test/grpc-creds/key.pem", "timeout": "10s" }, "amqp": { "serverURLFile": "test/secrets/amqp_url", "insecure": true, "serviceQueue": "CA.server", "SA": { "server": "SA.server", "rpcTimeout": "15s" } } }, "pa": { "challenges": { "http-01": true, "tls-sni-01": true, "dns-01": true } }, "ra": { "rateLimitPoliciesFilename": "test/rate-limit-policies.yml", "maxConcurrentRPCServerRequests": 16, "maxContactsPerRegistration": 100, "dnsTries": 3, "debugAddr": "localhost:8002", "hostnamePolicyFile": "test/hostname-policy.json", "maxNames": 1000, "doNotForceCN": true, "vaService": { "serverAddress": "boulder:9092", "serverIssuerPath": "test/grpc-creds/ca.pem", "clientCertificatePath": "test/grpc-creds/client.pem", "clientKeyPath": "test/grpc-creds/key.pem", "timeout": "90s" }, "amqp": { "serverURLFile": "test/secrets/amqp_url", "insecure": true, "serviceQueue": "RA.server", "VA": { "server": "VA.server", "rpcTimeout": "60s" }, "SA": { "server": "SA.server", "rpcTimeout": "15s" }, "CA": { "server": "CA.server", "rpcTimeout": "15s" } } }, "sa": { "dbConnectFile": "test/secrets/sa_dburl", "maxDBConns": 10, "maxConcurrentRPCServerRequests": 16, "debugAddr": "localhost:8003", "amqp": { "serverURLFile": "test/secrets/amqp_url", "insecure": true, "serviceQueue": "SA.server" } }, "va": { "userAgent": "boulder", "debugAddr": "localhost:8004", "portConfig": { "httpPort": 5002, "httpsPort": 5001, "tlsPort": 5001 }, "lookupIPV6": true, "maxConcurrentRPCServerRequests": 16, "dnsTries": 3, "issuerDomain": "happy-hacker-ca.invalid", "caaService": { "serverAddress": "boulder:9090", "serverIssuerPath": "test/grpc-creds/ca.pem", "clientCertificatePath": "test/grpc-creds/client.pem", "clientKeyPath": "test/grpc-creds/key.pem" }, "caaPublicResolver": { "timeout": "10s", "keepalive": "30s", "maxFailures": 1, "proxies": [] }, "grpc": { "address": "boulder:9092", "serverCertificatePath": "test/grpc-creds/server.pem", "serverKeyPath": "test/grpc-creds/key.pem", "clientIssuerPath": "test/grpc-creds/ca.pem" }, "amqp": { "serverURLFile": "test/secrets/amqp_url", "insecure": true, "serviceQueue": "VA.server", "RA": { "server": "RA.server", "rpcTimeout": "15s" } } }, "revoker": { "dbConnectFile": "test/secrets/revoker_dburl", "maxDBConns": 1, "amqp": { "serverURLFile": "test/secrets/amqp_url", "insecure": true, "RA": { "server": "RA.server", "rpcTimeout": "15s" }, "SA": { "server": "SA.server", "rpcTimeout": "15s" } } }, "ocspResponder": { "source": "mysql+tcp://ocsp_resp@boulder-mysql:3306/boulder_sa_integration?readTimeout=800ms&writeTimeout=800ms", "maxDBConns": 10, "path": "/", "listenAddress": "0.0.0.0:4002", "maxAge": "10s", "shutdownStopTimeout": "10s", "shutdownKillTimeout": "1m", "debugAddr": "localhost:8005" }, "ocspUpdater": { "dbConnectFile": "test/secrets/ocsp_updater_dburl", "maxDBConns": 10, "newCertificateWindow": "1s", "oldOCSPWindow": "2s", "missingSCTWindow": "1m", "revokedCertificateWindow": "1s", "newCertificateBatchSize": 1000, "oldOCSPBatchSize": 5000, "missingSCTBatchSize": 5000, "revokedCertificateBatchSize": 1000, "ocspMinTimeToExpiry": "72h", "oldestIssuedSCT": "72h", "signFailureBackoffFactor": 1.2, "signFailureBackoffMax": "30m", "debugAddr": "localhost:8006", "publisher": { "serverAddress": "boulder:9091", "serverIssuerPath": "test/grpc-creds/ca.pem", "clientCertificatePath": "test/grpc-creds/client.pem", "clientKeyPath": "test/grpc-creds/key.pem", "timeout": "10s" }, "amqp": { "serverURLFile": "test/secrets/amqp_url", "insecure": true, "SA": { "server": "SA.server", "rpcTimeout": "15s" }, "CA": { "server": "CA.server", "rpcTimeout": "15s" } } }, "mailer": { "server": "localhost", "port": "9380", "username": "cert-master@example.com", "from": "Expiry bot ", "passwordFile": "test/secrets/smtp_password", "dbConnectFile": "test/secrets/mailer_dburl", "maxDBConns": 10, "messageLimit": 0, "nagTimes": ["24h", "72h", "168h", "336h"], "nagCheckInterval": "24h", "emailTemplate": "test/example-expiration-template", "debugAddr": "localhost:8008", "amqp": { "serverURLFile": "test/secrets/amqp_url", "insecure": true, "SA": { "server": "SA.server", "rpcTimeout": "15s" } } }, "publisher": { "maxConcurrentRPCServerRequests": 16, "submissionTimeout": "5s", "debugAddr": "localhost:8009", "grpc": { "address": "boulder:9091", "clientIssuerPath": "test/grpc-creds/ca.pem", "serverCertificatePath": "test/grpc-creds/server.pem", "serverKeyPath": "test/grpc-creds/key.pem" }, "amqp": { "serverURLFile": "test/secrets/amqp_url", "insecure": true, "serviceQueue": "Publisher.server", "SA": { "server": "SA.server", "rpcTimeout": "15s" } } }, "common": { "issuerCert": "test/test-ca.pem", "dnsResolver": "127.0.0.1:8053", "dnsTimeout": "10s", "dnsAllowLoopbackAddresses": true, "ct": { "logs": [ { "uri": "http://127.0.0.1:4500", "key": "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEYggOxPnPkzKBIhTacSYoIfnSL2jPugcbUKx83vFMvk5gKAz/AGe87w20riuPwEGn229hKVbEKHFB61NIqNHC3Q==" } ], "intermediateBundleFilename": "test/test-ca.pem" } }, "certChecker": { "dbConnectFile": "test/secrets/cert_checker_dburl", "maxDBConns": 10 }, "subscriberAgreementURL": "http://boulder:4000/terms/v1", "allowedSigningAlgos": { "rsa": true, "ecdsanistp256": true, "ecdsanistp384": true, "ecdsanistp521": false } }