Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
RA: Audit log and track cert profile names and hashes (letsencrypt#7433)
* Adds `CertProfileName` to the CAs `capb.IssuePrecertificateResponse` so the RA can receive the CAs configured default profile name for audit logging/metrics. This is useful for when the RA sends an empty string as the profile name to the CA, but we want to know exactly what the profile name chosen by the CA was, rather than just relying on comparing hashes between CA and RA audit logs. * Adds the profile name and hash to RA audit logs emitted after a successful issuance. * Adds new labels to the existing `new_certificates` metric exported by the RA. ``` # HELP new_certificates A counter of new certificates including the certificate profile name and hexadecimal certificate profile hash # TYPE new_certificates counter new_certificates{profileHash="de4c8c8866ed46b1d4af0d79e6b7ecf2d1ea625e26adcbbd3979ececd8fbd05a",profileName="defaultBoulderCertificateProfile"} 2 ``` Fixes letsencrypt#7421
- Loading branch information