github.com/letsencrypt/boulder@v0.20251208.0/test/config/zlint.toml

github.com/letsencrypt/boulder@v0.20251208.0/test/config/zlint.toml (about)

     1  [e_pkimetal_lint_cabf_serverauth_cert]
     2  addr = "http://bpkimetal:8080"
     3  severity = "notice"
     4  timeout = 2000000000 # 2 seconds
     5  ignore_lints = [
     6    # We continue to include the Common Name in our "classic" profile, but have
     7    # removed it from our "tlsserver" and "shortlived" profiles.
     8    "pkilint:cabf.serverauth.dv.common_name_attribute_present",
     9    "zlint:w_subject_common_name_included",
    10    # We continue to include the SKID extension in our "classic" profile, but have
    11    # removed it from our "tlsserver" and "shortlived" profiles.
    12    "pkilint:cabf.serverauth.subscriber.subject_key_identifier_extension_present",
    13    "zlint:w_ext_subject_key_identifier_not_recommended_subscriber",
    14    # We continue to include the Key Encipherment Key Usage for RSA certificates
    15    # issued under the "classic" profile, but have removed it from our "tlsserver"
    16    # and "shortlived" profiles.
    17    "pkilint:cabf.serverauth.subscriber_rsa_digitalsignature_and_keyencipherment_present",
    18  ]
    19  
    20  [e_pkimetal_lint_cabf_serverauth_crl]
    21  addr = "http://bpkimetal:8080"
    22  severity = "notice"
    23  timeout = 2000000000 # 2 seconds
    24  ignore_lints = []