Package redis
import "github.com/letsencrypt/boulder/ocsp/responder/redis"
- Overview
- Index
Package redis provides a Redis-based OCSP responder.
This responder will first look for a response cached in Redis. If there is
no response, or the response is too old, it will make a request to the RA
for a freshly-signed response. If that succeeds, this responder will return
the response to the user right away, while storing a copy to Redis in a
separate goroutine.
If the response was too old, but the request to the RA failed, this
responder will serve the response anyhow. This allows for graceful
degradation: it is better to serve a response that is 5 days old (outside
the Baseline Requirements limits) than to serve no response at all.
It's assumed that this will be wrapped in a responder.filterSource, which
means that if a response is past its NextUpdate, we'll generate a 500.
- func NewCheckedRedisSource(base *redisSource, dbMap dbSelector, sac sapb.StorageAuthorityReadOnlyClient, stats prometheus.Registerer, log blog.Logger) (*checkedRedisSource, error)
- func NewRedisSource(client *rocsp.RWClient, signer responder.Source, liveSigningPeriod time.Duration, clk clock.Clock, stats prometheus.Registerer, log blog.Logger, logSampleRate int) (*redisSource, error)
Package files
checked_redis_source.go
redis_source.go
func NewCheckedRedisSource(base *redisSource, dbMap dbSelector, sac sapb.StorageAuthorityReadOnlyClient, stats prometheus.Registerer, log blog.Logger) (*checkedRedisSource, error)
NewCheckedRedisSource builds a source that queries both the DB and Redis, and confirms
the value in Redis matches the DB.
func NewRedisSource(
client *rocsp.RWClient,
signer responder.Source,
liveSigningPeriod time.Duration,
clk clock.Clock,
stats prometheus.Registerer,
log blog.Logger,
logSampleRate int,
) (*redisSource, error)
NewRedisSource returns a responder.Source which will look up OCSP responses in a
Redis table.