boulder

History

Roland Bracewell Shoemaker 85851a6f2e ca: implement our own certificate issuance lib (#5007 ) Adds a replacement issuance library that replaces CFSSL. Usage of the new library is gated by a feature, meaning until we fully deploy the new signer we need to support both the new one and CFSSL, which makes a few things a bit complicated. One Big follow-up change is that once CFSSL is completely gone we'll be able to stop using CSRs as the internal representation of issuance requests (i.e. instead of passing a CSR all the way through from the WFE -> CA and then converting it to the new signer.IssuanceRequest, we can just construct a signer.IssuanceRequest at the WFE (or RA) and pass that through the backend instead, making things a lot less opaque). Fixes #4906.	2020-08-17 15:53:28 -07:00
..
policy.go	ca: implement our own certificate issuance lib (#5007 )	2020-08-17 15:53:28 -07:00

Roland Bracewell Shoemaker 85851a6f2e

ca: implement our own certificate issuance lib (#5007 )

Adds a replacement issuance library that replaces CFSSL. Usage of the
new library is gated by a feature, meaning until we fully deploy the
new signer we need to support both the new one and CFSSL, which makes
a few things a bit complicated.

One Big follow-up change is that once CFSSL is completely gone we'll
be able to stop using CSRs as the internal representation of issuance
requests (i.e. instead of passing a CSR all the way through from the
WFE -> CA and then converting it to the new signer.IssuanceRequest,
we can just construct a signer.IssuanceRequest at the WFE (or RA) and
pass that through the backend instead, making things a lot less opaque).

Fixes #4906.

2020-08-17 15:53:28 -07:00

policy.go

ca: implement our own certificate issuance lib (#5007 )

2020-08-17 15:53:28 -07:00