letsencrypt
/
boulder
mirror of https://github.com/letsencrypt/boulder.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
boulder/cmd
History
Jacob Hoffman-Andrews 827f7859f2 Fix issuerCert in test configs. (#3310) 
Previously, there was a disagreement between WFE and CA as to what the correct
issuer certificate was. Consolidate on test-ca2.pem (h2ppy h2cker fake CA).
    
Also, the CA configs contained an outdated entry for "IssuerCert", which was not
being used: The CA configs now use an "Issuers" array to allow signing by
multiple issuer certificates at once (for instance when rolling intermediates).
Removed this outdated entry, and the config code for CA to load it. I've
confirmed these changes match what is currently in production.

Added an integration test to check for this problem in the future.

Fixes #3309, thanks to @icing for bringing the issue to our attention!

This also includes changes from #3321 to clarify certificates for WFE.
 		2018-01-09 07:56:39 -05:00
..
admin-revoker Restore gRPC metrics (#3265) 2017-12-07 15:44:55 -08:00
boulder-ca Fix issuerCert in test configs. (#3310) 2018-01-09 07:56:39 -05:00
boulder-publisher Restore gRPC metrics (#3265) 2017-12-07 15:44:55 -08:00
boulder-ra Restore gRPC metrics (#3265) 2017-12-07 15:44:55 -08:00
boulder-sa Restore gRPC metrics (#3265) 2017-12-07 15:44:55 -08:00
boulder-va Restore gRPC metrics (#3265) 2017-12-07 15:44:55 -08:00
boulder-wfe Restore gRPC metrics (#3265) 2017-12-07 15:44:55 -08:00
boulder-wfe2 Restore gRPC metrics (#3265) 2017-12-07 15:44:55 -08:00
cert-checker Add parallelism to SA CountCertificatesByNames. (#3133) 2017-10-02 15:45:08 -04:00
expiration-mailer Restore gRPC metrics (#3265) 2017-12-07 15:44:55 -08:00
expired-authz-purger Speed up expired authz purger (#3267) 2017-12-11 12:05:43 -05:00
gen-key Add a PKCS#11 key generation tool (#3163) 2017-10-30 16:09:28 -07:00
id-exporter Remove global state from metrics gathering (#3167) 2017-10-13 11:58:01 -07:00
notify-mailer Use TLS in mailer integration tests (#3213) 2017-11-06 14:57:14 -08:00
ocsp-responder Fix up stats after #3167 (#3185) 2017-10-18 11:14:59 -07:00
ocsp-updater Restore gRPC metrics (#3265) 2017-12-07 15:44:55 -08:00
orphan-finder Restore gRPC metrics (#3265) 2017-12-07 15:44:55 -08:00
single-ocsp Improve single-ocsp command (#2181) 2016-09-15 15:28:54 -07:00
testdata Simplify gRPC TLS configs. (#2470) 2017-01-06 14:19:18 -08:00
weak-key-flatten Basic RSA known weak key checking (#2765) 2017-05-25 09:33:58 -07:00
weak-key-search Remove global state from metrics gathering (#3167) 2017-10-13 11:58:01 -07:00
clock_generic.go Switch to new vendor style (#1747) 2016-04-18 12:51:36 -07:00
clock_integration.go Switch to new vendor style (#1747) 2016-04-18 12:51:36 -07:00
config.go Increase default MaxIdleConns. (#3164) 2017-10-16 15:48:17 -07:00
config_test.go Simplify gRPC TLS configs. (#2470) 2017-01-06 14:19:18 -08:00
shell.go Restore expvar handler. (#3209) 2017-11-02 07:05:54 -07:00
shell_test.go Remove references to test-ca.pem. (#3322) 2018-01-05 12:07:12 -08:00