package ca
Get desktop application:
View/edit binary Protocol Buffers messages
service CRLGenerator
ca.proto:57CRLGenerator signs CRLs. It is separated for the same reason as OCSPGenerator.
rpc GenerateCRL (stream , stream )
ca.proto:58message
ca.proto:61oneof payload
metadata = 1
entry = 2
message
ca.proto:76bytes chunk = 1
service CertificateAuthority
ca.proto:10CertificateAuthority issues certificates.
rpc IssueCertificate (, )
ca.proto:12IssueCertificate issues a precertificate, gets SCTs, issues a certificate, and returns that.
message
ca.proto:15bytes csr = 1
Next unused field number: 6
int64 registrationID = 2
int64 orderID = 3
string certProfileName = 5
certProfileName is a human readable name provided by the RA and used to determine if the CA can issue for that profile. A default name will be assigned inside the CA during *Profile construction if no name is provided. The value of this field should not be relied upon inside the RA.
message
ca.proto:29bytes DER = 1
service OCSPGenerator
ca.proto:37OCSPGenerator generates OCSP. We separate this out from CertificateAuthority so that we can restrict access to a different subset of hosts, so the hosts that need to request OCSP generation don't need to be able to request certificate issuance.
rpc GenerateOCSP (, )
ca.proto:38message
ca.proto:42Exactly one of certDER or [serial and issuerID] must be set.
string status = 2
Next unused field number: 8
int32 reason = 3
optional revokedAt = 7
string serial = 5
int64 issuerID = 6
message
ca.proto:68Used in:
int64 issuerNameID = 1
Next unused field number: 5
optional thisUpdate = 4
int64 shardIdx = 3
message
ca.proto:52Used as response type in: OCSPGenerator.GenerateOCSP, ra.RegistrationAuthority.GenerateOCSP
bytes response = 1