71f8ae0e87
As described in Boulder issue #2800 the implementation of the SA's `countCertificates` function meant that the renewal exemption for the Certificates Per Domain rate limit was difficult to work with. To maximize allotted certificates clients were required to perform all new issuances first, followed by the "free" renewals. This arrangement was difficult to coordinate. In this PR `countCertificates` is updated such that renewals are excluded from the count reliably. To do so the SA takes the serials it finds for a given domain from the issuedNames table and cross references them with the FQDN sets it can find for the associated serials. With the FQDN sets a second query is done to find all the non-renewal FQDN sets for the serials, giving a count of the total non-renewal issuances to use for rate limiting. Resolves #2800 |
||
|---|---|---|
| .. | ||
| featureflag_string.go | ||
| features.go | ||
| features_test.go | ||