github.com/letsencrypt/boulder@v0.20251208.0/test/config/ra.json (about) 1 { 2 "ra": { 3 "limiter": { 4 "redis": { 5 "username": "boulder", 6 "passwordFile": "test/secrets/redis_password", 7 "lookups": [ 8 { 9 "Service": "redisratelimits", 10 "Domain": "service.consul" 11 } 12 ], 13 "lookupDNSAuthority": "consul.service.consul", 14 "readTimeout": "250ms", 15 "writeTimeout": "250ms", 16 "poolSize": 100, 17 "routeRandomly": true, 18 "tls": { 19 "caCertFile": "test/certs/ipki/minica.pem", 20 "certFile": "test/certs/ipki/wfe.boulder/cert.pem", 21 "keyFile": "test/certs/ipki/wfe.boulder/key.pem" 22 } 23 }, 24 "Defaults": "test/config/ratelimit-defaults.yml", 25 "Overrides": "test/config/ratelimit-overrides.yml" 26 }, 27 "maxContactsPerRegistration": 3, 28 "debugAddr": ":8002", 29 "hostnamePolicyFile": "test/ident-policy.yaml", 30 "goodkey": {}, 31 "issuerCerts": [ 32 "test/certs/webpki/int-rsa-a.cert.pem", 33 "test/certs/webpki/int-rsa-b.cert.pem", 34 "test/certs/webpki/int-rsa-c.cert.pem", 35 "test/certs/webpki/int-ecdsa-a.cert.pem", 36 "test/certs/webpki/int-ecdsa-b.cert.pem", 37 "test/certs/webpki/int-ecdsa-c.cert.pem" 38 ], 39 "validationProfiles": { 40 "legacy": { 41 "pendingAuthzLifetime": "168h", 42 "validAuthzLifetime": "720h", 43 "orderLifetime": "168h", 44 "maxNames": 100, 45 "identifierTypes": [ 46 "dns" 47 ] 48 }, 49 "modern": { 50 "pendingAuthzLifetime": "7h", 51 "validAuthzLifetime": "7h", 52 "orderLifetime": "7h", 53 "maxNames": 10, 54 "identifierTypes": [ 55 "dns" 56 ] 57 }, 58 "shortlived": { 59 "pendingAuthzLifetime": "7h", 60 "validAuthzLifetime": "7h", 61 "orderLifetime": "7h", 62 "maxNames": 10, 63 "identifierTypes": [ 64 "dns", 65 "ip" 66 ] 67 } 68 }, 69 "defaultProfileName": "legacy", 70 "tls": { 71 "caCertFile": "test/certs/ipki/minica.pem", 72 "certFile": "test/certs/ipki/ra.boulder/cert.pem", 73 "keyFile": "test/certs/ipki/ra.boulder/key.pem" 74 }, 75 "vaService": { 76 "dnsAuthority": "consul.service.consul", 77 "srvLookup": { 78 "service": "va", 79 "domain": "service.consul" 80 }, 81 "timeout": "20s", 82 "noWaitForReady": true, 83 "hostOverride": "va.boulder" 84 }, 85 "caService": { 86 "dnsAuthority": "consul.service.consul", 87 "srvLookup": { 88 "service": "ca", 89 "domain": "service.consul" 90 }, 91 "timeout": "15s", 92 "noWaitForReady": true, 93 "hostOverride": "ca.boulder" 94 }, 95 "publisherService": { 96 "dnsAuthority": "consul.service.consul", 97 "srvLookup": { 98 "service": "publisher", 99 "domain": "service.consul" 100 }, 101 "timeout": "300s", 102 "noWaitForReady": true, 103 "hostOverride": "publisher.boulder" 104 }, 105 "saService": { 106 "dnsAuthority": "consul.service.consul", 107 "srvLookup": { 108 "service": "sa", 109 "domain": "service.consul" 110 }, 111 "timeout": "15s", 112 "noWaitForReady": true, 113 "hostOverride": "sa.boulder" 114 }, 115 "grpc": { 116 "maxConnectionAge": "30s", 117 "services": { 118 "ra.RegistrationAuthority": { 119 "clientNames": [ 120 "admin.boulder", 121 "bad-key-revoker.boulder", 122 "wfe.boulder", 123 "sfe.boulder" 124 ] 125 }, 126 "ra.SCTProvider": { 127 "clientNames": [ 128 "ca.boulder" 129 ] 130 }, 131 "grpc.health.v1.Health": { 132 "clientNames": [ 133 "health-checker.boulder" 134 ] 135 } 136 } 137 }, 138 "features": { 139 "AutomaticallyPauseZombieClients": true, 140 "NoPendingAuthzReuse": true, 141 "EnforceMPIC": true, 142 "UnsplitIssuance": true 143 }, 144 "ctLogs": { 145 "stagger": "500ms", 146 "logListFile": "test/ct-test-srv/log_list.json", 147 "sctLogs": [ 148 "A1 Current", 149 "A1 Future", 150 "A2 Past", 151 "A2 Current", 152 "B1", 153 "B2", 154 "C1", 155 "D1", 156 "E1" 157 ], 158 "infoLogs": [ 159 "F1" 160 ], 161 "finalLogs": [ 162 "A1 Current", 163 "A1 Future", 164 "C1", 165 "F1" 166 ] 167 } 168 }, 169 "pa": { 170 "challenges": { 171 "http-01": true, 172 "dns-01": true, 173 "tls-alpn-01": true 174 }, 175 "identifiers": { 176 "dns": true, 177 "ip": true 178 } 179 }, 180 "syslog": { 181 "stdoutlevel": 6, 182 "sysloglevel": 6 183 } 184 }