va

Documentation

Index

• Variables
• type CAASet
• type PortConfig
• type ValidationAuthorityImpl
  • func NewValidationAuthorityImpl(pc *PortConfig, stats statsd.Statter, clk clock.Clock) *ValidationAuthorityImpl
  • func (va *ValidationAuthorityImpl) CheckCAARecords(identifier core.AcmeIdentifier) (present, valid bool, err error)
  • func (va *ValidationAuthorityImpl) UpdateValidations(authz core.Authorization, challengeIndex int) error

Variables

var ErrTooManyCNAME = errors.New("too many CNAME/DNAME lookups")

ErrTooManyCNAME is returned by CheckCAARecords if it has to follow too many consecutive CNAME lookups.

Types

type CAASet

type CAASet struct {
	Issue     []*dns.CAA
	Issuewild []*dns.CAA
	Iodef     []*dns.CAA
	Unknown   []*dns.CAA
}

CAASet consists of filtered CAA records

type PortConfig

type PortConfig struct {
	HTTPPort  int
	HTTPSPort int
	TLSPort   int
}

PortConfig specifies what ports the VA should call to on the remote host when performing its checks.

type ValidationAuthorityImpl

type ValidationAuthorityImpl struct {
	RA core.RegistrationAuthority

	DNSResolver  core.DNSResolver
	IssuerDomain string

	UserAgent string
	// contains filtered or unexported fields
}

ValidationAuthorityImpl represents a VA

func NewValidationAuthorityImpl

func NewValidationAuthorityImpl(pc *PortConfig, stats statsd.Statter, clk clock.Clock) *ValidationAuthorityImpl

NewValidationAuthorityImpl constructs a new VA

func (*ValidationAuthorityImpl) CheckCAARecords

func (va *ValidationAuthorityImpl) CheckCAARecords(identifier core.AcmeIdentifier) (present, valid bool, err error)

CheckCAARecords verifies that, if the indicated subscriber domain has any CAA records, they authorize the configured CA domain to issue a certificate

func (*ValidationAuthorityImpl) UpdateValidations

func (va *ValidationAuthorityImpl) UpdateValidations(authz core.Authorization, challengeIndex int) error

UpdateValidations runs the validate() method asynchronously using goroutines.