1{
2 "ca": {
3 "debugAddr": ":8001",
4 "tls": {
5 "caCertFile": "test/grpc-creds/minica.pem",
6 "certFile": "test/grpc-creds/ca.boulder/cert.pem",
7 "keyFile": "test/grpc-creds/ca.boulder/key.pem"
8 },
9 "hostnamePolicyFile": "test/hostname-policy.yaml",
10 "grpcCA": {
11 "maxConnectionAge": "30s",
12 "address": ":9093",
13 "services": {
14 "ca.CertificateAuthority": {
15 "clientNames": [
16 "ra.boulder"
17 ]
18 },
19 "ca.OCSPGenerator": {
20 "clientNames": [
21 "ra.boulder"
22 ]
23 },
24 "ca.CRLGenerator": {
25 "clientNames": [
26 "crl-updater.boulder"
27 ]
28 },
29 "grpc.health.v1.Health": {
30 "clientNames": [
31 "health-checker.boulder"
32 ]
33 }
34 }
35 },
36 "saService": {
37 "dnsAuthority": "consul.service.consul",
38 "srvLookup": {
39 "service": "sa",
40 "domain": "service.consul"
41 },
42 "timeout": "15s",
43 "noWaitForReady": true,
44 "hostOverride": "sa.boulder"
45 },
46 "issuance": {
47 "profile": {
48 "allowMustStaple": true,
49 "allowCTPoison": true,
50 "allowSCTList": true,
51 "allowCommonName": true,
52 "policies": [
53 {
54 "oid": "2.23.140.1.2.1"
55 }
56 ],
57 "maxValidityPeriod": "7776000s",
58 "maxValidityBackdate": "1h5m"
59 },
60 "issuers": [
61 {
62 "useForRSALeaves": false,
63 "useForECDSALeaves": true,
64 "issuerURL": "http://127.0.0.1:4001/aia/issuer/5214744660557630",
65 "ocspURL": "http://127.0.0.1:4002/",
66 "location": {
67 "configFile": "/hierarchy/intermediate-signing-key-ecdsa.pkcs11.json",
68 "certFile": "/hierarchy/intermediate-cert-ecdsa-a.pem",
69 "numSessions": 2
70 }
71 },
72 {
73 "useForRSALeaves": true,
74 "useForECDSALeaves": true,
75 "issuerURL": "http://127.0.0.1:4001/aia/issuer/6605440498369741",
76 "ocspURL": "http://127.0.0.1:4002/",
77 "crlURL": "http://example.com/crl",
78 "location": {
79 "configFile": "/hierarchy/intermediate-signing-key-rsa.pkcs11.json",
80 "certFile": "/hierarchy/intermediate-cert-rsa-a.pem",
81 "numSessions": 2
82 }
83 },
84 {
85 "useForRSALeaves": false,
86 "useForECDSALeaves": false,
87 "issuerURL": "http://127.0.0.1:4001/aia/issuer/41127673797486028",
88 "ocspURL": "http://127.0.0.1:4002/",
89 "crlURL": "http://example.com/crl",
90 "location": {
91 "configFile": "/hierarchy/intermediate-signing-key-rsa.pkcs11.json",
92 "certFile": "/hierarchy/intermediate-cert-rsa-b.pem",
93 "numSessions": 2
94 }
95 }
96 ],
97 "ignoredLints": [
98 "n_subject_common_name_included"
99 ]
100 },
101 "expiry": "7776000s",
102 "backdate": "1h",
103 "serialPrefix": 255,
104 "maxNames": 100,
105 "lifespanOCSP": "96h",
106 "lifespanCRL": "216h",
107 "crldpBase": "http://c.boulder.test",
108 "goodkey": {
109 "weakKeyFile": "test/example-weak-keys.json",
110 "blockedKeyFile": "test/example-blocked-keys.yaml",
111 "fermatRounds": 100
112 },
113 "ocspLogMaxLength": 4000,
114 "ocspLogPeriod": "500ms",
115 "ctLogListFile": "test/ct-test-srv/log_list.json",
116 "features": {
117 "ECDSAForAll": true,
118 "RequireCommonName": false
119 }
120 },
121 "pa": {
122 "challenges": {
123 "http-01": true,
124 "dns-01": true,
125 "tls-alpn-01": true
126 }
127 },
128 "syslog": {
129 "stdoutlevel": 4,
130 "sysloglevel": -1
131 },
132 "openTelemetry": {
133 "endpoint": "bjaeger:4317",
134 "sampleratio": 1
135 }
136}
View as plain text