boulder

History

Daniel McCarney a2b8faea1e Only resubmit missing SCTs. (#2342 ) This PR introduces the ability for the ocsp-updater to only resubmit certificates to logs that we are missing SCTs from. Prior to this commit when a certificate was missing one or more SCTs we would submit it to every log, causing unnecessary overhead for us and the log operator. To accomplish this a new RPC endpoint is added to the Publisher service "SubmitToSingleCT". Unlike the existing "SubmitToCT" this RPC endpoint accepts a log URI and public key in addition to the certificate DER bytes. The certificate is submitted directly to that log, and a cache of constructed resources is maintained so that subsequent submissions to the same log can reuse the stat name, verifier, and submission client. Resolves #1679	2016-12-05 13:54:02 -08:00
..
ca.go	Revert #2088 (#2137 )	2016-08-23 14:01:37 -04:00
mocks.go	Only resubmit missing SCTs. (#2342 )	2016-12-05 13:54:02 -08:00

Daniel McCarney a2b8faea1e Only resubmit missing SCTs. (#2342 )

This PR introduces the ability for the ocsp-updater to only resubmit certificates to logs that we are missing SCTs from. Prior to this commit when a certificate was missing one or more SCTs we would submit it to every log, causing unnecessary overhead for us and the log operator.

To accomplish this a new RPC endpoint is added to the Publisher service "SubmitToSingleCT". Unlike the existing "SubmitToCT" this RPC endpoint accepts a log URI and public key in addition to the certificate DER bytes. The certificate is submitted directly to that log, and a cache of constructed resources is maintained so that subsequent submissions to the same log can reuse the stat name, verifier, and submission client.

Resolves #1679

2016-12-05 13:54:02 -08:00

ca.go

Revert #2088 (#2137 )

2016-08-23 14:01:37 -04:00

mocks.go

Only resubmit missing SCTs. (#2342 )

2016-12-05 13:54:02 -08:00