github.com/letsencrypt/boulder@v0.20251208.0/ca/proto/ca.proto (about) 1 syntax = "proto3"; 2 3 package ca; 4 option go_package = "github.com/letsencrypt/boulder/ca/proto"; 5 6 import "core/proto/core.proto"; 7 import "google/protobuf/timestamp.proto"; 8 9 // CertificateAuthority issues certificates. 10 service CertificateAuthority { 11 // IssueCertificate issues a precertificate, gets SCTs, issues a certificate, and returns that. 12 rpc IssueCertificate(IssueCertificateRequest) returns (IssueCertificateResponse) {} 13 } 14 15 message IssueCertificateRequest { 16 // Next unused field number: 6 17 bytes csr = 1; 18 int64 registrationID = 2; 19 int64 orderID = 3; 20 reserved 4; // Previously issuerNameID 21 22 // certProfileName is a human readable name provided by the RA and used to 23 // determine if the CA can issue for that profile. A default name will be 24 // assigned inside the CA during *Profile construction if no name is provided. 25 // The value of this field should not be relied upon inside the RA. 26 string certProfileName = 5; 27 } 28 29 message IssueCertificateResponse { 30 bytes DER = 1; 31 } 32 33 // CRLGenerator signs CRLs. It is separated for the same reason as OCSPGenerator. 34 service CRLGenerator { 35 rpc GenerateCRL(stream GenerateCRLRequest) returns (stream GenerateCRLResponse) {} 36 } 37 38 message GenerateCRLRequest { 39 oneof payload { 40 CRLMetadata metadata = 1; 41 core.CRLEntry entry = 2; 42 } 43 } 44 45 message CRLMetadata { 46 // Next unused field number: 5 47 int64 issuerNameID = 1; 48 reserved 2; // Previously thisUpdateNS 49 google.protobuf.Timestamp thisUpdate = 4; 50 int64 shardIdx = 3; 51 } 52 53 message GenerateCRLResponse { 54 bytes chunk = 1; 55 }