Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Config ¶
type Config struct {
RVA struct {
vaConfig.Common
// Perspective uniquely identifies the Network Perspective used to
// perform the validation, as specified in BRs Section 5.4.1,
// Requirement 2.7 ("Multi-Perspective Issuance Corroboration attempts
// from each Network Perspective"). It should uniquely identify a group
// of RVAs deployed in the same datacenter.
//
// TODO(#7615): Make mandatory.
Perspective string `validate:"omitempty"`
// RIR indicates the Regional Internet Registry where this RVA is
// located. This field is used to identify the RIR region from which a
// given validation was performed, as specified in the "Phased
// Implementation Timeline" in BRs Section 3.2.2.9. It must be one of
// the following values:
// - ARIN
// - RIPE
// - APNIC
// - LACNIC
// - AfriNIC
//
// TODO(#7615): Make mandatory.
RIR string `validate:"omitempty,oneof=ARIN RIPE APNIC LACNIC AfriNIC"`
// SkipGRPCClientCertVerification, when disabled as it should typically
// be, will cause the remoteva server (which receives gRPCs from a
// boulder-va client) to use our default RequireAndVerifyClientCert
// policy. When enabled, the remoteva server will instead use the less
// secure VerifyClientCertIfGiven policy. It should typically be used in
// conjunction with the boulder-va "RVATLSClient" configuration object.
//
// An operator may choose to enable this if the remoteva server is
// logically behind an OSI layer-7 loadbalancer/reverse proxy which
// decrypts traffic and does not/cannot re-encrypt it's own client
// connection to the remoteva server.
//
// Use with caution.
//
// For more information, see: https://pkg.go.dev/crypto/tls#ClientAuthType
SkipGRPCClientCertVerification bool
Features features.Config
}
Syslog cmd.SyslogConfig
OpenTelemetry cmd.OpenTelemetryConfig
}
Source Files
Click to show internal directories.
Click to hide internal directories.