29724cb0b7
This enables ocsp-responder to talk to the RA and request freshly signed OCSP responses. ocsp/responder/redis_source is moved to ocsp/responder/redis/redis_source.go and significantly modified. Instead of assuming a response is always available in Redis, it wraps a live-signing source. When a response is not available, it attempts a live signing. If live signing succeeds, the Redis responder returns the result right away and attempts to write a copy to Redis on a goroutine using a background context. To make things more efficient, I eliminate an unneeded ocsp.ParseResponse from the storage path. And I factored out a FakeResponse helper to make the unittests more manageable. Commits should be reviewable one-by-one. Fixes #6191 |
||
|---|---|---|
| .. | ||
| featureflag_string.go | ||
| features.go | ||
| features_test.go | ||