Skip to content

Commit 4aa2a57

Browse files
aarongableaarongable
committed
Remove ocsp-responder
1 parent f8be625 commit 4aa2a57

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

71 files changed

+114
-5404
lines changed

README.md

Lines changed: 3 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -30,11 +30,10 @@ Boulder is divided into the following main components:
3030
4. Certificate Authority
3131
5. Storage Authority
3232
6. Publisher
33-
7. OCSP Responder
34-
8. CRL Updater
33+
7. CRL Updater
3534

3635
This component model lets us separate the function of the CA by security
37-
context. The Web Front End, Validation Authority, OCSP Responder and
36+
context. The Web Front End, Validation Authority, CRL Storer, and
3837
Publisher need access to the Internet, which puts them at greater risk of
3938
compromise. The Registration Authority can live without Internet
4039
connectivity, but still needs to talk to the Web Front End and Validation
@@ -50,7 +49,7 @@ lines indicating SA RPCs are not shown here.
5049
| ^
5150
Subscriber server <- VA <----+ |
5251
|
53-
Browser -------------------> OCSP Responder
52+
Browser -----> S3 <----- CRL Storer/Updater
5453
```
5554

5655
Internally, the logic of the system is based around five types of objects:

cmd/boulder/main.go

Lines changed: 0 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -21,10 +21,8 @@ import (
2121
_ "github.com/letsencrypt/boulder/cmd/email-exporter"
2222
_ "github.com/letsencrypt/boulder/cmd/log-validator"
2323
_ "github.com/letsencrypt/boulder/cmd/nonce-service"
24-
_ "github.com/letsencrypt/boulder/cmd/ocsp-responder"
2524
_ "github.com/letsencrypt/boulder/cmd/remoteva"
2625
_ "github.com/letsencrypt/boulder/cmd/reversed-hostname-checker"
27-
_ "github.com/letsencrypt/boulder/cmd/rocsp-tool"
2826
_ "github.com/letsencrypt/boulder/cmd/sfe"
2927
"github.com/letsencrypt/boulder/core"
3028

cmd/crl-updater/main.go

Lines changed: 1 addition & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -79,8 +79,7 @@ type Config struct {
7979
// This should be set to the current set of serial prefixes in production.
8080
// When deploying explicit sharding (i.e. the CRLDistributionPoints extension),
8181
// the CAs should be configured with a new set of serial prefixes that haven't
82-
// been used before (and the OCSP Responder config should be updated to
83-
// recognize the new prefixes as well as the old ones).
82+
// been used before.
8483
TemporallyShardedSerialPrefixes []string
8584

8685
// MaxParallelism controls how many workers may be running in parallel.

cmd/ocsp-responder/main.go

Lines changed: 0 additions & 297 deletions
This file was deleted.

0 commit comments

Comments
 (0)