notmain

package

v0.20260630.0 Latest Latest Go to latest Published: Jun 29, 2026 License: MPL-2.0 Imports: 35 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/letsencrypt/boulder

Links

Open Source Insights

Documentation ¶

Index ¶

type Config

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Config ¶

type Config struct {
	CertChecker struct {
		DB cmd.DBConfig
		cmd.HostnamePolicyConfig

		Workers int `validate:"required,min=1"`
		// LookupDNSAuthority can only be specified with PushgatewayService. It's a single
		// <hostname|IPv4|[IPv6]>:<port> of the DNS server to be used for resolution
		// of pushgateway backends. If the address contains a hostname it will be resolved
		// using system DNS. If the address contains a port, the client will use it
		// directly, otherwise port 53 is used.
		LookupDNSAuthority string `validate:"excluded_without=PushgatewayService,required_with=PushgatewayService,omitempty,ip|hostname|hostname_port"`
		// PushgatewayService entry contains a service and domain name that will be used
		// to construct a SRV DNS query to lookup pushgateway backends. For example: if
		// the resource record is 'foo.service.consul', then the 'Service' is 'foo'
		// and the 'Domain' is 'service.consul'. The expected dNSName to be
		// authenticated in the server certificate would be 'foo.service.consul'.
		PushgatewayService *cmd.ServiceDomain `validate:"required_with=LookupDNSAuthority"`
		// Deprecated: cert-checker only logs bad results anyway.
		BadResultsOnly bool
		CheckPeriod    config.Duration

		// AcceptableValidityDurations is a list of durations which are
		// acceptable for certificates we issue.
		AcceptableValidityDurations []config.Duration

		// GoodKey is an embedded config stanza for the goodkey library. If this
		// is populated, the cert-checker will perform static checks against the
		// public keys in the certs it checks.
		GoodKey goodkey.Config

		// LintConfig is a path to a zlint config file, which can be used to control
		// the behavior of zlint's "customizable lints".
		LintConfig string
		// IgnoredLints is a list of zlint names. Any lint results from a lint in
		// the IgnoredLists list are ignored regardless of LintStatus level.
		IgnoredLints []string

		// CTLogListFile is the path to a JSON file on disk containing the set of
		// all logs trusted by Chrome. The file must match the v3 log list schema:
		// https://www.gstatic.com/ct/log_list/v3/log_list_schema.json
		CTLogListFile string

		// CTIncludeTestLogs allows logs marked as "test" to be included in the
		// CT log list used for linting. This should be enabled in environments
		// configured to submit SCTs to test logs.
		CTIncludeTestLogs bool

		Features features.Config
	}
	PA     cmd.PAConfig
	Syslog blog.Config
}

Source Files ¶

View all Source files

main.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL