boulder icon indicating copy to clipboard operation
boulder copied to clipboard

verified publisher icon letsencrypt

Metadata

An ACME-based certificate authority, written in Go.

Results 421 boulder issues
Sort by recently updated
recently updated
newest added

Automatically Pause Zombie Clients

### Manual Pausing Background In #7406, we deployed all the necessary code and infrastructure to manually pause specific account-identifier pairs. Two batches of manual pauses were conducted based on 90...

beautifulentropy avatar beautifulentropy

Remove extra Remote VA test config files

Clean up the extra config files left behind by https://github.com/letsencrypt/boulder/pull/7437

aarongable avatar aarongable

sa: add authz reuse table

4 comment

Right now our authz2 table looks like this: ``` CREATE TABLE `authz2` ( `id` bigint(20) UNSIGNED NOT NULL AUTO_INCREMENT, `identifierType` tinyint(4) NOT NULL, `identifierValue` varchar(255) NOT NULL, `registrationID` bigint(20) NOT...

jsha avatar jsha

Add sqlclosecheck to golangci-lint configuration

This linter helps identify failure to close sql rows, which can lead to connection pool issues. This PR is a "WIP" because there's some failures, but they don't look immediately...

mcpherrinm avatar mcpherrinm

Refactor CA tests to be table-driven

In #7700 we [removed the `RejectLongCommonName` test case](https://github.com/letsencrypt/boulder/pull/7700/files/73a4d90135b6c58ef4d399a7ba4901143dd35213#diff-f157645025f9b5036f76a31d05c97ce922c8449b367d6769a0689e17f6fc125eL696), but we'd still like to test that the case is handled correctly; "correctly" just no longer means rejecting the CSR. To get...

jprenken avatar jprenken

Fix race in pause_identifier unittest

The `admin pause-identifier` subcommand and its associated unittests were introduced in https://github.com/letsencrypt/boulder/pull/7668 and improved in https://github.com/letsencrypt/boulder/pull/7689. We've now seen a [CI unit test failure](https://github.com/letsencrypt/boulder/actions/runs/10709127483/job/29693034354) due to a data race in...

aarongable avatar aarongable

Fix flaky rate limit integration tests

We've observed flaky failures of two integration tests, both of which were touched by https://github.com/letsencrypt/boulder/pull/7666. [Failure](https://github.com/letsencrypt/boulder/actions/runs/10708344476/job/29690426527?pr=7694) of the rate limit test: ``` --- FAIL: TestCertificatesPerDomain (2.88s) ratelimit_test.go:57: Somehow managed to...

aarongable avatar aarongable

FAKE_DNS doesn't work

2 comment

#And edit docker-compose.yml to change the FAKE_DNS environment variable to match. This will cause Boulder's stubbed-out DNS resolver (sd-test-srv) to respond to all A queries with the address in FAKE_DNS....

liuqi-sun avatar liuqi-sun

Stop overwriting contact column upon account deactivation

This fixes an oversight in https://github.com/letsencrypt/boulder/pull/8200. Part of https://github.com/letsencrypt/boulder/issues/8199

aarongable avatar aarongable

iana: Embed & parse reserved IP registries from primary source

Move `policy.IsReservedIP` to `iana.IsReservedAddr`. Move `policy.IsReservedPrefix` to `iana.IsReservedPrefix`. Embed & parse IANA's special-purpose address registries for IPv4 and IPv6 in their original CSV format. Fixes #8080

jprenken avatar jprenken

Metadata

5.0k
Stars
585
Forks
Watchers

Owner

verified publisher icon letsencrypt

Metadata

An ACME-based certificate authority, written in Go.

Back