Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Introduce SerialPrefixHex field in CA #7721

Merged
merged 5 commits into from
Oct 4, 2024
Merged

Introduce SerialPrefixHex field in CA #7721

merged 5 commits into from
Oct 4, 2024

Conversation

jprenken
Copy link
Contributor

@jprenken jprenken commented Sep 24, 2024
edited by aarongable
Loading

Add a new SerialPrefixHex field to the CA's config, which takes a two-character hexadecimal string to use as the serial prefix. This matches the way that the OCSP Responder's acceptable serial prefixes are configured, and is easier for human operators to configure than raw integers.

At the same time, change the type of the CA's internal serial prefix from int to byte, using the type system to enforce its 8-bit length.

Fixes #7213

@jprenken jprenken requested a review from a team as a code owner September 24, 2024 22:42
@github-actions GitHub Actions
Copy link
Contributor

@jprenken, this PR appears to contain configuration and/or SQL schema changes. Please ensure that a corresponding deployment ticket has been filed with the new values.

beautifulentropy
beautifulentropy requested changes Sep 30, 2024
View reviewed changes
ca/ca.go Outdated Show resolved Hide resolved
cmd/boulder-ca/main.go Outdated Show resolved Hide resolved
@beautifulentropy beautifulentropy requested review from a team and beautifulentropy and removed request for a team September 30, 2024 20:49
jsha
jsha reviewed Sep 30, 2024
View reviewed changes
Copy link
Contributor

@jsha jsha left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good, modulo @beautifulentropy's comments.

@jprenken jprenken merged commit beddae5 into main Oct 4, 2024
12 checks passed
@jprenken jprenken deleted the serialprefix-7213 branch October 4, 2024 17:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jsha jsha jsha left review comments

@beautifulentropy beautifulentropy beautifulentropy approved these changes

@aarongable aarongable aarongable approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Unify how serial prefixes are set
4 participants
@jprenken @jsha @aarongable @beautifulentropy