letsencrypt
/
boulder
mirror of https://github.com/letsencrypt/boulder.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
boulder/test/config/ca.json

163 lines
4.1 KiB
JSON
Raw Blame History

{
"ca": {
"debugAddr": ":8001",
"tls": {
"caCertFile": "test/certs/ipki/minica.pem",
"certFile": "test/certs/ipki/ca.boulder/cert.pem",
"keyFile": "test/certs/ipki/ca.boulder/key.pem"
},
"hostnamePolicyFile": "test/hostname-policy.yaml",
"grpcCA": {
"maxConnectionAge": "30s",
"address": ":9093",
"services": {
"ca.CertificateAuthority": {
"clientNames": [
"ra.boulder"
]
},
"ca.OCSPGenerator": {
"clientNames": [
"ra.boulder"
]
},
"ca.CRLGenerator": {
"clientNames": [
"crl-updater.boulder"
]
},
"grpc.health.v1.Health": {
"clientNames": [
"health-checker.boulder"
]
}
}
},
"saService": {
"dnsAuthority": "consul.service.consul",
"srvLookup": {
"service": "sa",
"domain": "service.consul"
},
"timeout": "15s",
"noWaitForReady": true,
"hostOverride": "sa.boulder"
},
"issuance": {
"profile": {
"allowMustStaple": true,
"allowCTPoison": true,
"allowSCTList": true,
"allowCommonName": true,
"policies": [
{
"oid": "2.23.140.1.2.1"
}
],
"maxValidityPeriod": "7776000s",
"maxValidityBackdate": "1h5m"
},
"issuers": [
{
"active": true,
"issuerURL": "http://ca.example.org:4502/int-ecdsa-a",
"ocspURL": "http://ca.example.org:4002/",
"crlURLBase": "http://ca.example.org:4501/ecdsa-a/",
"location": {
"configFile": "test/certs/webpki/int-ecdsa-a.pkcs11.json",
"certFile": "test/certs/webpki/int-ecdsa-a.cert.pem",
"numSessions": 2
}
},
{
"active": true,
"issuerURL": "http://ca.example.org:4502/int-ecdsa-b",
"ocspURL": "http://ca.example.org:4002/",
"crlURLBase": "http://ca.example.org:4501/ecdsa-b/",
"location": {
"configFile": "test/certs/webpki/int-ecdsa-b.pkcs11.json",
"certFile": "test/certs/webpki/int-ecdsa-b.cert.pem",
"numSessions": 2
}
},
{
"active": false,
"issuerURL": "http://ca.example.org:4502/int-ecdsa-c",
"ocspURL": "http://ca.example.org:4002/",
"crlURLBase": "http://ca.example.org:4501/ecdsa-c/",
"location": {
"configFile": "test/certs/webpki/int-ecdsa-c.pkcs11.json",
"certFile": "test/certs/webpki/int-ecdsa-c.cert.pem",
"numSessions": 2
}
},
{
"active": true,
"issuerURL": "http://ca.example.org:4502/int-rsa-a",
"ocspURL": "http://ca.example.org:4002/",
"crlURLBase": "http://ca.example.org:4501/rsa-a/",
"location": {
"configFile": "test/certs/webpki/int-rsa-a.pkcs11.json",
"certFile": "test/certs/webpki/int-rsa-a.cert.pem",
"numSessions": 2
}
},
{
"active": true,
"issuerURL": "http://ca.example.org:4502/int-rsa-b",
"ocspURL": "http://ca.example.org:4002/",
"crlURLBase": "http://ca.example.org:4501/rsa-b/",
"location": {
"configFile": "test/certs/webpki/int-rsa-b.pkcs11.json",
"certFile": "test/certs/webpki/int-rsa-b.cert.pem",
"numSessions": 2
}
},
{
"active": false,
"issuerURL": "http://ca.example.org:4502/int-rsa-c",
"ocspURL": "http://ca.example.org:4002/",
"crlURLBase": "http://ca.example.org:4501/rsa-c/",
"location": {
"configFile": "test/certs/webpki/int-rsa-c.pkcs11.json",
"certFile": "test/certs/webpki/int-rsa-c.cert.pem",
"numSessions": 2
}
}
],
"lintConfig": "test/config/zlint.toml",
"ignoredLints": [
"w_subject_common_name_included",
"w_sub_cert_aia_contains_internal_names"
]
},
"expiry": "7776000s",
"backdate": "1h",
"serialPrefix": 127,
"maxNames": 100,
"lifespanOCSP": "96h",
"lifespanCRL": "216h",
"goodkey": {
"weakKeyFile": "test/example-weak-keys.json",
"blockedKeyFile": "test/example-blocked-keys.yaml",
"fermatRounds": 100
},
"ocspLogMaxLength": 4000,
"ocspLogPeriod": "500ms",
"features": {
"ECDSAForAll": true
}
},
"pa": {
"challenges": {
"http-01": true,
"dns-01": true,
"tls-alpn-01": true
}
},
"syslog": {
"stdoutlevel": 4,
"sysloglevel": 4
}
}
Reference in New Issue View Git Blame Copy Permalink