github.com/letsencrypt/boulder@v0.20251208.0/test/config-next/wfe2.json (about) 1 { 2 "wfe": { 3 "timeout": "30s", 4 "serverCertificatePath": "test/certs/ipki/boulder/cert.pem", 5 "serverKeyPath": "test/certs/ipki/boulder/key.pem", 6 "allowOrigins": [ 7 "*" 8 ], 9 "shutdownStopTimeout": "10s", 10 "subscriberAgreementURL": "https://boulder.service.consul:4431/terms/v7", 11 "directoryCAAIdentity": "happy-hacker-ca.invalid", 12 "directoryWebsite": "https://github.com/letsencrypt/boulder", 13 "legacyKeyIDPrefix": "http://boulder.service.consul:4000/reg/", 14 "goodkey": {}, 15 "maxContactsPerRegistration": 3, 16 "tls": { 17 "caCertFile": "test/certs/ipki/minica.pem", 18 "certFile": "test/certs/ipki/wfe.boulder/cert.pem", 19 "keyFile": "test/certs/ipki/wfe.boulder/key.pem" 20 }, 21 "raService": { 22 "dnsAuthority": "consul.service.consul", 23 "srvLookup": { 24 "service": "ra", 25 "domain": "service.consul" 26 }, 27 "timeout": "15s", 28 "noWaitForReady": true, 29 "hostOverride": "ra.boulder" 30 }, 31 "saService": { 32 "dnsAuthority": "consul.service.consul", 33 "srvLookup": { 34 "service": "sa", 35 "domain": "service.consul" 36 }, 37 "timeout": "15s", 38 "noWaitForReady": true, 39 "hostOverride": "sa.boulder" 40 }, 41 "emailExporter": { 42 "dnsAuthority": "consul.service.consul", 43 "srvLookup": { 44 "service": "email-exporter", 45 "domain": "service.consul" 46 }, 47 "timeout": "15s", 48 "noWaitForReady": true, 49 "hostOverride": "email-exporter.boulder" 50 }, 51 "accountCache": { 52 "size": 9000, 53 "ttl": "5s" 54 }, 55 "getNonceService": { 56 "dnsAuthority": "consul.service.consul", 57 "srvLookup": { 58 "service": "nonce-taro", 59 "domain": "service.consul" 60 }, 61 "timeout": "15s", 62 "noWaitForReady": true, 63 "hostOverride": "nonce.boulder" 64 }, 65 "redeemNonceService": { 66 "dnsAuthority": "consul.service.consul", 67 "srvLookups": [ 68 { 69 "service": "nonce-taro", 70 "domain": "service.consul" 71 }, 72 { 73 "service": "nonce-zinc", 74 "domain": "service.consul" 75 } 76 ], 77 "srvResolver": "nonce-srv", 78 "timeout": "15s", 79 "noWaitForReady": true, 80 "hostOverride": "nonce.boulder" 81 }, 82 "nonceHMACKey": { 83 "keyFile": "test/secrets/nonce_prefix_key" 84 }, 85 "chains": [ 86 [ 87 "test/certs/webpki/int-rsa-a.cert.pem", 88 "test/certs/webpki/root-rsa.cert.pem" 89 ], 90 [ 91 "test/certs/webpki/int-rsa-b.cert.pem", 92 "test/certs/webpki/root-rsa.cert.pem" 93 ], 94 [ 95 "test/certs/webpki/int-ecdsa-a.cert.pem", 96 "test/certs/webpki/root-ecdsa.cert.pem" 97 ], 98 [ 99 "test/certs/webpki/int-ecdsa-b.cert.pem", 100 "test/certs/webpki/root-ecdsa.cert.pem" 101 ], 102 [ 103 "test/certs/webpki/int-ecdsa-a-cross.cert.pem", 104 "test/certs/webpki/root-rsa.cert.pem" 105 ], 106 [ 107 "test/certs/webpki/int-ecdsa-b-cross.cert.pem", 108 "test/certs/webpki/root-rsa.cert.pem" 109 ] 110 ], 111 "staleTimeout": "5m", 112 "limiter": { 113 "redis": { 114 "username": "boulder", 115 "passwordFile": "test/secrets/redis_password", 116 "lookups": [ 117 { 118 "Service": "redisratelimits", 119 "Domain": "service.consul" 120 } 121 ], 122 "lookupDNSAuthority": "consul.service.consul", 123 "readTimeout": "250ms", 124 "writeTimeout": "250ms", 125 "poolSize": 100, 126 "routeRandomly": true, 127 "tls": { 128 "caCertFile": "test/certs/ipki/minica.pem", 129 "certFile": "test/certs/ipki/wfe.boulder/cert.pem", 130 "keyFile": "test/certs/ipki/wfe.boulder/key.pem" 131 } 132 }, 133 "Defaults": "test/config-next/ratelimit-defaults.yml", 134 "OverridesFromDB": true 135 }, 136 "features": { 137 "PropagateCancels": true, 138 "ServeRenewalInfo": true, 139 "CheckIdentifiersPaused": true 140 }, 141 "certProfiles": { 142 "legacy": "The normal profile you know and love", 143 "modern": "Profile 2: Electric Boogaloo", 144 "shortlived": "Like modern, but smaller" 145 }, 146 "unpause": { 147 "hmacKey": { 148 "keyFile": "test/secrets/sfe_unpause_key" 149 }, 150 "jwtLifetime": "336h", 151 "url": "https://boulder.service.consul:4003" 152 } 153 }, 154 "syslog": { 155 "stdoutlevel": 7, 156 "sysloglevel": -1 157 }, 158 "openTelemetry": { 159 "endpoint": "bjaeger:4317", 160 "sampleratio": 1 161 }, 162 "openTelemetryHttpConfig": { 163 "trustIncomingSpans": true 164 } 165 }