Backend returns a new Backend framework struct.

Direct storage backend helpers (b, s := createBackendWithStorage(t)) which are mostly compatible with client.Logical() operations.

Setup helpers.

Factory creates a new backend implementing the logical.Backend interface.

Validates a given ACME http-01 challenge against the specified domain, per RFC 8555.

ValidateKeyAuthorization validates that the given keyAuthz from a challenge matches our expectation, returning (true, nil) if so, or (false, err) if not.

ValidateRawSHA256KeyAuthorization validates that the given keyAuthz from a challenge matches our expectation, returning (true, nil) if so, or (false, err) if not.

ValidateSHA256KeyAuthorization validates that the given keyAuthz from a challenge matches our expectation, returning (true, nil) if so, or (false, err) if not.

When adding a new usage in the future, we'll need to create a usage mask field on the IssuerEntry and handle migrations to a newer mask, inferring a value for the new bits.

Error prefix; see RFC 8555 Section 6.7.

Error prefix; see RFC 8555 Section 6.7.

SecretCertsType is the name used to identify this type.

While this should be a constant, there's no way to do a low-level test of ValidateTLSALPN01Challenge without spinning up a complicated Docker instance to build a custom responder.

See RFC 8555 Section 6.7.

These response variables should not be mutated, instead treat them as constants.

These response variables should not be mutated, instead treat them as constants.

These response variables should not be mutated, instead treat them as constants.

These response variables should not be mutated, instead treat them as constants.

These response variables should not be mutated, instead treat them as constants.

These response variables should not be mutated, instead treat them as constants.

OID of the acmeIdentifier X.509 Certificate Extension.