DNSChallenge01 constructs a dns-01 challenge.

Fingerprint256 produces an unpadded, URL-safe Base64-encoded SHA256 digest of the data.

GetBuildHost identifies the building host.

GetBuildID identifies what build is running.

GetBuildTime identifies when this build was made.

HashNames returns a hash of the names requested.

HTTPChallenge01 constructs a http-01 challenge.

IsAnyNilOrZero returns whether any of the supplied values are nil, or (if not) if any of them is its type's zero-value.

IsASCII determines if every character in a string is encoded in the ASCII character set.

IsCanceled returns true if err is non-nil and is either context.Canceled, or has a grpc code of Canceled.

KeyDigest produces the SHA256 digest of a provided public key.

KeyDigestB64 produces a padded, standard Base64-encoded SHA256 digest of a provided public key.

KeyDigestEquals determines whether two public keys have the same digest.

LoadCert loads a PEM certificate specified by filename or returns an error.

NewChallenge constructs a challenge of the given kind.

NewToken produces a random string for Challenges, etc.

NormalizeIdentifiers returns the set of all unique ACME identifiers in the input after all of them are lowercased.

PublicKeysEqual determines whether two public keys are identical.

RandomString returns a randomly generated string of the requested length.

RenewalInfoImmediate constructs a `RenewalInfo` object with a suggested window in the past.

RenewalInfoSimple constructs a `RenewalInfo` object and suggested window using a very simple renewal calculation: calculate a point 2/3rds of the way through the validity period, then give a 2-day window around that.

RetryBackoff calculates a backoff time based on number of retries, will always add jitter so requests that start in unison won't fall into lockstep.

SerialToString converts a certificate serial number (big.Int) to a String consistently.

StringToSerial converts a string into a certificate serial number (big.Int) consistently.

TLSALPNChallenge01 constructs a tls-alpn-01 challenge.

UniqueLowerNames returns the set of all unique names in the input after all of them are lowercased.

ValidSerial tests whether the input string represents a syntactically valid serial number, i.e., that it is a valid hex string between 32 and 36 characters long.

These types are the available challenges.

These types are the available challenges.

These types are the available challenges.

DNSPrefix is attached to DNS names in DNS challenges.

These status are the states of OCSP.

Not a real OCSP status.

These status are the states of OCSP.

The types of ACME resources.

The types of ACME resources.

The types of ACME resources.

The types of ACME resources.

The types of ACME resources.

The types of ACME resources.

The types of ACME resources.

The types of ACME resources.

Object has been deactivated.

Validation failed.

In process; client has next action.

In process; server has next action.

Order is ready for finalization.

Object no longer valid.

Unknown status; the default.

Object is valid.

BuildHost is set by the compiler and is used by GetBuildHost.

BuildID is set by the compiler (using -ldflags "-X core.BuildID $(git rev-parse --short HEAD)") and is used by GetBuildID.

BuildTime is set by the compiler and is used by GetBuildTime.

RandReader is used so that it can be replaced in tests that require deterministic output.

Authorization represents the authorization of an account key holder to act on behalf of a domain.

Certificate objects are entirely internal to the server.

CertificateStatus structs are internal to the server.

Challenge is an aggregate of all data needed for any challenges.

FQDNSet contains the SHA256 hash of the lowercased, comma joined dNSNames contained in a certificate.

Registration objects represent non-public metadata attached to account keys.

RenewalInfo is a type which is exposed to clients which query the renewalInfo endpoint specified in draft-aaron-ari.

SuggestedWindow is a type exposed inside the RenewalInfo resource.

ValidationRecord represents a validation attempt against a specific URL/hostname and the IP addresses that were resolved and used.

PolicyAuthority defines the public interface for the Boulder PA TODO(#5891): Move this interface to a more appropriate location.

AcmeChallenge values identify different types of ACME challenges.

AcmeResource values identify different types of ACME resources.

AcmeStatus defines the state of a given authorization.

CertDER is a convenience type that helps differentiate what the underlying byte slice contains.

JSONBuffer fields get encoded and decoded JOSE-style, in base64url encoding with stripped padding.

OCSPStatus defines the state of OCSP for a domain.

SCTDERs is a convenience type.