boulder

boulder copied to clipboard

Similar to how SA instances are marked unhealthy if they can't talk to the database.

aarongable

Improve timeout configuration, esp for async operations

2

Today, we set gRPC timeouts on a per-service basis. So, for example, every request from the RA to the SA has the same timeout set, no matter whether that request...

aarongable

Right now we record latency for an overall submission attempt, including retries. We'd like to be able to get some metrics on how long each request takes (and what it...

jsha

beautifulentropy

beautifulentropy

- [ ] Deprecate the DOH feature flag - [ ] Remove `BOULDER_CONFIG_DIR` checks for DOH sensitive integration tests (Bump this to #8121 (and update the relevant TODOs) if you...

beautifulentropy

Fix our grpc_health_v1 implementation

3

In 2020 we imported grpc-go's health_v1 implementation, and began checking this status in startservers.py: https://github.com/letsencrypt/boulder/pull/5074 In 2023 we added support for deep checks to all boulder services and actually implemented...

beautifulentropy

It's likely to be useful to support blocking issuance for IP address identifiers (both single and within prefixes) the same way we can block domain names.

jprenken

Once issuance for IP address identifiers is enabled in production, update `test/config` to mirror the config changes, and remove `config-next` gating in integration tests.

jprenken

feat: Add core definitions for dns-account-01

3

## Summary This PR introduces the **foundational components** required to support the `dns-account-01` challenge type, as specified in [draft-ietf-acme-dns-account-label-00](https://datatracker.ietf.org/doc/draft-ietf-acme-dns-account-label/). This is the **first in a series of changes** aiming to...

sheurich