func main() { app := cmd.NewAppShell("boulder-va", "Handles challenge validation") app.Action = func(c cmd.Config, stats statsd.Statter, auditlogger *blog.AuditLogger) { go cmd.DebugServer(c.VA.DebugAddr) go cmd.ProfileCmd("VA", stats) pc := &va.PortConfig{ HTTPPort: 80, HTTPSPort: 443, TLSPort: 443, } if c.VA.PortConfig.HTTPPort != 0 { pc.HTTPPort = c.VA.PortConfig.HTTPPort } if c.VA.PortConfig.HTTPSPort != 0 { pc.HTTPSPort = c.VA.PortConfig.HTTPSPort } if c.VA.PortConfig.TLSPort != 0 { pc.TLSPort = c.VA.PortConfig.TLSPort } clk := clock.Default() sbc := newGoogleSafeBrowsing(c.VA.GoogleSafeBrowsing) vai := va.NewValidationAuthorityImpl(pc, sbc, stats, clk) dnsTimeout, err := time.ParseDuration(c.Common.DNSTimeout) cmd.FailOnError(err, "Couldn't parse DNS timeout") scoped := metrics.NewStatsdScope(stats, "VA", "DNS") dnsTries := c.VA.DNSTries if dnsTries < 1 { dnsTries = 1 } if !c.Common.DNSAllowLoopbackAddresses { vai.DNSResolver = bdns.NewDNSResolverImpl(dnsTimeout, []string{c.Common.DNSResolver}, scoped, clk, dnsTries) } else { vai.DNSResolver = bdns.NewTestDNSResolverImpl(dnsTimeout, []string{c.Common.DNSResolver}, scoped, clk, dnsTries) } vai.UserAgent = c.VA.UserAgent vai.IssuerDomain = c.VA.IssuerDomain amqpConf := c.VA.AMQP rac, err := rpc.NewRegistrationAuthorityClient(clientName, amqpConf, stats) cmd.FailOnError(err, "Unable to create RA client") vai.RA = rac vas, err := rpc.NewAmqpRPCServer(amqpConf, c.VA.MaxConcurrentRPCServerRequests, stats) cmd.FailOnError(err, "Unable to create VA RPC server") rpc.NewValidationAuthorityServer(vas, vai) err = vas.Start(amqpConf) cmd.FailOnError(err, "Unable to run VA RPC server") } app.Run() }
func TestDNSValidationNoServer(t *testing.T) { va, _, _ := setup() va.dnsResolver = bdns.NewTestDNSResolverImpl( time.Second*5, nil, metrics.NewNoopScope(), clock.Default(), 1) chalDNS := createChallenge(core.ChallengeTypeDNS01) _, prob := va.validateChallenge(ctx, ident, chalDNS) test.AssertEquals(t, prob.Type, probs.ConnectionProblem) }
func TestDNSValidationNoServer(t *testing.T) { c, _ := statsd.NewNoopClient() stats := metrics.NewNoopScope() va := NewValidationAuthorityImpl(&PortConfig{}, nil, c, clock.Default()) va.DNSResolver = bdns.NewTestDNSResolverImpl(time.Second*5, []string{}, stats, clock.Default(), 1) mockRA := &MockRegistrationAuthority{} va.RA = mockRA chalDNS := createChallenge(core.ChallengeTypeDNS01) var authz = core.Authorization{ ID: core.NewToken(), RegistrationID: 1, Identifier: ident, Challenges: []core.Challenge{chalDNS}, } va.validate(context.Background(), authz, 0) test.AssertNotNil(t, mockRA.lastAuthz, "Should have gotten an authorization") test.Assert(t, authz.Challenges[0].Status == core.StatusInvalid, "Should be invalid.") test.AssertEquals(t, authz.Challenges[0].Error.Type, probs.ConnectionProblem) }
func main() { configFile := flag.String("config", "", "File path to the configuration file for this service") flag.Parse() if *configFile == "" { flag.Usage() os.Exit(1) } var c config err := cmd.ReadJSONFile(*configFile, &c) cmd.FailOnError(err, "Reading JSON config file into config structure") go cmd.DebugServer(c.RA.DebugAddr) stats, logger := cmd.StatsAndLogging(c.StatsdConfig, c.SyslogConfig) defer logger.AuditPanic() logger.Info(cmd.VersionString(clientName)) // Validate PA config and set defaults if needed cmd.FailOnError(c.PA.CheckChallenges(), "Invalid PA configuration") pa, err := policy.New(c.PA.Challenges) cmd.FailOnError(err, "Couldn't create PA") if c.RA.HostnamePolicyFile == "" { cmd.FailOnError(fmt.Errorf("HostnamePolicyFile must be provided."), "") } err = pa.SetHostnamePolicyFile(c.RA.HostnamePolicyFile) cmd.FailOnError(err, "Couldn't load hostname policy file") go cmd.ProfileCmd("RA", stats) amqpConf := c.RA.AMQP var vac core.ValidationAuthority if c.RA.VAService != nil { conn, err := bgrpc.ClientSetup(c.RA.VAService) cmd.FailOnError(err, "Unable to create VA client") vac = bgrpc.NewValidationAuthorityGRPCClient(conn) } else { vac, err = rpc.NewValidationAuthorityClient(clientName, amqpConf, stats) cmd.FailOnError(err, "Unable to create VA client") } cac, err := rpc.NewCertificateAuthorityClient(clientName, amqpConf, stats) cmd.FailOnError(err, "Unable to create CA client") sac, err := rpc.NewStorageAuthorityClient(clientName, amqpConf, stats) cmd.FailOnError(err, "Unable to create SA client") rai := ra.NewRegistrationAuthorityImpl( clock.Default(), logger, stats, c.RA.MaxContactsPerRegistration, c.AllowedSigningAlgos.KeyPolicy(), c.RA.MaxNames, c.RA.DoNotForceCN, c.RA.ReuseValidAuthz) policyErr := rai.SetRateLimitPoliciesFile(c.RA.RateLimitPoliciesFilename) cmd.FailOnError(policyErr, "Couldn't load rate limit policies file") rai.PA = pa raDNSTimeout, err := time.ParseDuration(c.Common.DNSTimeout) cmd.FailOnError(err, "Couldn't parse RA DNS timeout") scoped := metrics.NewStatsdScope(stats, "RA", "DNS") dnsTries := c.RA.DNSTries if dnsTries < 1 { dnsTries = 1 } if !c.Common.DNSAllowLoopbackAddresses { rai.DNSResolver = bdns.NewDNSResolverImpl( raDNSTimeout, []string{c.Common.DNSResolver}, nil, scoped, clock.Default(), dnsTries) } else { rai.DNSResolver = bdns.NewTestDNSResolverImpl( raDNSTimeout, []string{c.Common.DNSResolver}, scoped, clock.Default(), dnsTries) } rai.VA = vac rai.CA = cac rai.SA = sac ras, err := rpc.NewAmqpRPCServer(amqpConf, c.RA.MaxConcurrentRPCServerRequests, stats, logger) cmd.FailOnError(err, "Unable to create RA RPC server") err = rpc.NewRegistrationAuthorityServer(ras, rai, logger) cmd.FailOnError(err, "Unable to setup RA RPC server") err = ras.Start(amqpConf) cmd.FailOnError(err, "Unable to run RA RPC server") }
func main() { configFile := flag.String("config", "", "File path to the configuration file for this service") flag.Parse() if *configFile == "" { flag.Usage() os.Exit(1) } var c config err := cmd.ReadConfigFile(*configFile, &c) cmd.FailOnError(err, "Reading JSON config file into config structure") stats, logger := cmd.StatsAndLogging(c.Statsd, c.Syslog) scope := metrics.NewStatsdScope(stats, "VA") defer logger.AuditPanic() logger.Info(cmd.VersionString(clientName)) pc := &cmd.PortConfig{ HTTPPort: 80, HTTPSPort: 443, TLSPort: 443, } if c.VA.PortConfig.HTTPPort != 0 { pc.HTTPPort = c.VA.PortConfig.HTTPPort } if c.VA.PortConfig.HTTPSPort != 0 { pc.HTTPSPort = c.VA.PortConfig.HTTPSPort } if c.VA.PortConfig.TLSPort != 0 { pc.TLSPort = c.VA.PortConfig.TLSPort } sbc := newGoogleSafeBrowsing(c.VA.GoogleSafeBrowsing) var cdrClient *cdr.CAADistributedResolver if c.VA.CAADistributedResolver != nil { var err error cdrClient, err = cdr.New( scope, c.VA.CAADistributedResolver.Timeout.Duration, c.VA.CAADistributedResolver.MaxFailures, c.VA.CAADistributedResolver.Proxies, logger) cmd.FailOnError(err, "Failed to create CAADistributedResolver") } dnsTimeout, err := time.ParseDuration(c.Common.DNSTimeout) cmd.FailOnError(err, "Couldn't parse DNS timeout") dnsTries := c.VA.DNSTries if dnsTries < 1 { dnsTries = 1 } clk := clock.Default() caaSERVFAILExceptions, err := bdns.ReadHostList(c.VA.CAASERVFAILExceptions) cmd.FailOnError(err, "Couldn't read CAASERVFAILExceptions file") var resolver bdns.DNSResolver if !c.Common.DNSAllowLoopbackAddresses { r := bdns.NewDNSResolverImpl( dnsTimeout, []string{c.Common.DNSResolver}, caaSERVFAILExceptions, scope, clk, dnsTries) resolver = r } else { r := bdns.NewTestDNSResolverImpl(dnsTimeout, []string{c.Common.DNSResolver}, scope, clk, dnsTries) resolver = r } vai := va.NewValidationAuthorityImpl( pc, sbc, cdrClient, resolver, c.VA.UserAgent, c.VA.IssuerDomain, scope, clk, logger) amqpConf := c.VA.AMQP var grpcSrv *grpc.Server if c.VA.GRPC != nil { s, l, err := bgrpc.NewServer(c.VA.GRPC, scope) cmd.FailOnError(err, "Unable to setup VA gRPC server") err = bgrpc.RegisterValidationAuthorityGRPCServer(s, vai) cmd.FailOnError(err, "Unable to register VA gRPC server") go func() { err = s.Serve(l) cmd.FailOnError(err, "VA gRPC service failed") }() grpcSrv = s } vas, err := rpc.NewAmqpRPCServer(amqpConf, c.VA.MaxConcurrentRPCServerRequests, scope, logger) cmd.FailOnError(err, "Unable to create VA RPC server") go cmd.CatchSignals(logger, func() { vas.Stop() if grpcSrv != nil { grpcSrv.GracefulStop() } }) err = rpc.NewValidationAuthorityServer(vas, vai) cmd.FailOnError(err, "Unable to setup VA RPC server") go cmd.DebugServer(c.VA.DebugAddr) go cmd.ProfileCmd(scope) err = vas.Start(amqpConf) cmd.FailOnError(err, "Unable to run VA RPC server") }
func main() { app := cmd.NewAppShell("boulder-ra", "Handles service orchestration") app.Action = func(c cmd.Config, stats metrics.Statter, logger blog.Logger) { // Validate PA config and set defaults if needed cmd.FailOnError(c.PA.CheckChallenges(), "Invalid PA configuration") go cmd.DebugServer(c.RA.DebugAddr) pa, err := policy.New(c.PA.Challenges) cmd.FailOnError(err, "Couldn't create PA") if c.RA.HostnamePolicyFile == "" { cmd.FailOnError(fmt.Errorf("HostnamePolicyFile must be provided."), "") } err = pa.SetHostnamePolicyFile(c.RA.HostnamePolicyFile) cmd.FailOnError(err, "Couldn't load hostname policy file") rateLimitPolicies, err := cmd.LoadRateLimitPolicies(c.RA.RateLimitPoliciesFilename) cmd.FailOnError(err, "Couldn't load rate limit policies file") go cmd.ProfileCmd("RA", stats) amqpConf := c.RA.AMQP vac, err := rpc.NewValidationAuthorityClient(clientName, amqpConf, stats) cmd.FailOnError(err, "Unable to create VA client") cac, err := rpc.NewCertificateAuthorityClient(clientName, amqpConf, stats) cmd.FailOnError(err, "Unable to create CA client") sac, err := rpc.NewStorageAuthorityClient(clientName, amqpConf, stats) cmd.FailOnError(err, "Unable to create SA client") var dc *ra.DomainCheck if c.RA.UseIsSafeDomain { dc = &ra.DomainCheck{VA: vac} } rai := ra.NewRegistrationAuthorityImpl(clock.Default(), logger, stats, dc, rateLimitPolicies, c.RA.MaxContactsPerRegistration, c.KeyPolicy(), c.RA.UseNewVARPC) rai.PA = pa raDNSTimeout, err := time.ParseDuration(c.Common.DNSTimeout) cmd.FailOnError(err, "Couldn't parse RA DNS timeout") scoped := metrics.NewStatsdScope(stats, "RA", "DNS") dnsTries := c.RA.DNSTries if dnsTries < 1 { dnsTries = 1 } if !c.Common.DNSAllowLoopbackAddresses { rai.DNSResolver = bdns.NewDNSResolverImpl(raDNSTimeout, []string{c.Common.DNSResolver}, scoped, clock.Default(), dnsTries) } else { rai.DNSResolver = bdns.NewTestDNSResolverImpl(raDNSTimeout, []string{c.Common.DNSResolver}, scoped, clock.Default(), dnsTries) } rai.VA = vac rai.CA = cac rai.SA = sac ras, err := rpc.NewAmqpRPCServer(amqpConf, c.RA.MaxConcurrentRPCServerRequests, stats) cmd.FailOnError(err, "Unable to create RA RPC server") err = rpc.NewRegistrationAuthorityServer(ras, rai) cmd.FailOnError(err, "Unable to setup RA RPC server") err = ras.Start(amqpConf) cmd.FailOnError(err, "Unable to run RA RPC server") } app.Run() }
func main() { app := cmd.NewAppShell("boulder-va", "Handles challenge validation") app.Action = func(c cmd.Config, stats metrics.Statter, logger blog.Logger) { go cmd.DebugServer(c.VA.DebugAddr) go cmd.ProfileCmd("VA", stats) pc := &cmd.PortConfig{ HTTPPort: 80, HTTPSPort: 443, TLSPort: 443, } if c.VA.PortConfig.HTTPPort != 0 { pc.HTTPPort = c.VA.PortConfig.HTTPPort } if c.VA.PortConfig.HTTPSPort != 0 { pc.HTTPSPort = c.VA.PortConfig.HTTPSPort } if c.VA.PortConfig.TLSPort != 0 { pc.TLSPort = c.VA.PortConfig.TLSPort } var caaClient caaPB.CAACheckerClient if c.VA.CAAService != nil { conn, err := bgrpc.ClientSetup(c.VA.CAAService) cmd.FailOnError(err, "Failed to load credentials and create connection to service") caaClient = caaPB.NewCAACheckerClient(conn) } scoped := metrics.NewStatsdScope(stats, "VA", "DNS") sbc := newGoogleSafeBrowsing(c.VA.GoogleSafeBrowsing) var cdrClient *cdr.CAADistributedResolver if c.VA.CAADistributedResolver != nil { var err error cdrClient, err = cdr.New( scoped, c.VA.CAADistributedResolver.Timeout.Duration, c.VA.CAADistributedResolver.MaxFailures, c.VA.CAADistributedResolver.Proxies, logger, ) cmd.FailOnError(err, "Failed to create CAADistributedResolver") } dnsTimeout, err := time.ParseDuration(c.Common.DNSTimeout) cmd.FailOnError(err, "Couldn't parse DNS timeout") dnsTries := c.VA.DNSTries if dnsTries < 1 { dnsTries = 1 } clk := clock.Default() var resolver bdns.DNSResolver if !c.Common.DNSAllowLoopbackAddresses { r := bdns.NewDNSResolverImpl(dnsTimeout, []string{c.Common.DNSResolver}, scoped, clk, dnsTries) r.LookupIPv6 = c.VA.LookupIPv6 resolver = r } else { r := bdns.NewTestDNSResolverImpl(dnsTimeout, []string{c.Common.DNSResolver}, scoped, clk, dnsTries) r.LookupIPv6 = c.VA.LookupIPv6 resolver = r } vai := va.NewValidationAuthorityImpl( pc, sbc, caaClient, cdrClient, resolver, c.VA.UserAgent, c.VA.IssuerDomain, stats, clk, logger) amqpConf := c.VA.AMQP if c.VA.GRPC != nil { s, l, err := bgrpc.NewServer(c.VA.GRPC, metrics.NewStatsdScope(stats, "VA")) cmd.FailOnError(err, "Unable to setup VA gRPC server") err = bgrpc.RegisterValidationAuthorityGRPCServer(s, vai) cmd.FailOnError(err, "Unable to register VA gRPC server") go func() { err = s.Serve(l) cmd.FailOnError(err, "VA gRPC service failed") }() } vas, err := rpc.NewAmqpRPCServer(amqpConf, c.VA.MaxConcurrentRPCServerRequests, stats, logger) cmd.FailOnError(err, "Unable to create VA RPC server") err = rpc.NewValidationAuthorityServer(vas, vai) cmd.FailOnError(err, "Unable to setup VA RPC server") err = vas.Start(amqpConf) cmd.FailOnError(err, "Unable to run VA RPC server") } app.Run() }
func main() { app := cmd.NewAppShell("boulder-ra", "Handles service orchestration") app.Action = func(c cmd.Config, stats statsd.Statter, auditlogger *blog.AuditLogger) { // Validate PA config and set defaults if needed cmd.FailOnError(c.PA.CheckChallenges(), "Invalid PA configuration") go cmd.DebugServer(c.RA.DebugAddr) dbURL, err := c.PA.DBConfig.URL() cmd.FailOnError(err, "Couldn't load DB URL") paDbMap, err := sa.NewDbMap(dbURL) cmd.FailOnError(err, "Couldn't connect to policy database") pa, err := policy.NewPolicyAuthorityImpl(paDbMap, c.PA.EnforcePolicyWhitelist, c.PA.Challenges) cmd.FailOnError(err, "Couldn't create PA") rateLimitPolicies, err := cmd.LoadRateLimitPolicies(c.RA.RateLimitPoliciesFilename) cmd.FailOnError(err, "Couldn't load rate limit policies file") go cmd.ProfileCmd("RA", stats) amqpConf := c.RA.AMQP vac, err := rpc.NewValidationAuthorityClient(clientName, amqpConf, stats) cmd.FailOnError(err, "Unable to create VA client") cac, err := rpc.NewCertificateAuthorityClient(clientName, amqpConf, stats) cmd.FailOnError(err, "Unable to create CA client") sac, err := rpc.NewStorageAuthorityClient(clientName, amqpConf, stats) cmd.FailOnError(err, "Unable to create SA client") var dc *ra.DomainCheck if c.RA.UseIsSafeDomain { dc = &ra.DomainCheck{VA: vac} } rai := ra.NewRegistrationAuthorityImpl(clock.Default(), auditlogger, stats, dc, rateLimitPolicies, c.RA.MaxContactsPerRegistration) rai.PA = pa raDNSTimeout, err := time.ParseDuration(c.Common.DNSTimeout) cmd.FailOnError(err, "Couldn't parse RA DNS timeout") scoped := metrics.NewStatsdScope(stats, "RA", "DNS") if !c.Common.DNSAllowLoopbackAddresses { rai.DNSResolver = bdns.NewDNSResolverImpl(raDNSTimeout, []string{c.Common.DNSResolver}, scoped) } else { rai.DNSResolver = bdns.NewTestDNSResolverImpl(raDNSTimeout, []string{c.Common.DNSResolver}, scoped) } rai.VA = vac rai.CA = cac rai.SA = sac ras, err := rpc.NewAmqpRPCServer(amqpConf, c.RA.MaxConcurrentRPCServerRequests, stats) cmd.FailOnError(err, "Unable to create RA RPC server") rpc.NewRegistrationAuthorityServer(ras, rai) err = ras.Start(amqpConf) cmd.FailOnError(err, "Unable to run RA RPC server") } app.Run() }
func main() { configFile := flag.String("config", "", "File path to the configuration file for this service") flag.Parse() if *configFile == "" { flag.Usage() os.Exit(1) } var c config err := cmd.ReadConfigFile(*configFile, &c) cmd.FailOnError(err, "Reading JSON config file into config structure") err = features.Set(c.RA.Features) cmd.FailOnError(err, "Failed to set feature flags") stats, logger := cmd.StatsAndLogging(c.Statsd, c.Syslog) scope := metrics.NewStatsdScope(stats, "RA") defer logger.AuditPanic() logger.Info(cmd.VersionString(clientName)) // Validate PA config and set defaults if needed cmd.FailOnError(c.PA.CheckChallenges(), "Invalid PA configuration") pa, err := policy.New(c.PA.Challenges) cmd.FailOnError(err, "Couldn't create PA") if c.RA.HostnamePolicyFile == "" { cmd.FailOnError(fmt.Errorf("HostnamePolicyFile must be provided."), "") } err = pa.SetHostnamePolicyFile(c.RA.HostnamePolicyFile) cmd.FailOnError(err, "Couldn't load hostname policy file") amqpConf := c.RA.AMQP var vac core.ValidationAuthority if c.RA.VAService != nil { conn, err := bgrpc.ClientSetup(c.RA.VAService, scope) cmd.FailOnError(err, "Unable to create VA client") vac = bgrpc.NewValidationAuthorityGRPCClient(conn) } else { vac, err = rpc.NewValidationAuthorityClient(clientName, amqpConf, scope) cmd.FailOnError(err, "Unable to create VA client") } var cac core.CertificateAuthority if c.RA.CAService != nil { conn, err := bgrpc.ClientSetup(c.RA.CAService, scope) cmd.FailOnError(err, "Unable to create CA client") cac = bgrpc.NewCertificateAuthorityClient(caPB.NewCertificateAuthorityClient(conn)) } else { cac, err = rpc.NewCertificateAuthorityClient(clientName, amqpConf, scope) cmd.FailOnError(err, "Unable to create CA client") } var pubc core.Publisher if c.RA.PublisherService != nil { conn, err := bgrpc.ClientSetup(c.RA.PublisherService, scope) cmd.FailOnError(err, "Failed to load credentials and create gRPC connection to Publisher") pubc = bgrpc.NewPublisherClientWrapper(pubPB.NewPublisherClient(conn)) } var sac core.StorageAuthority if c.RA.SAService != nil { conn, err := bgrpc.ClientSetup(c.RA.SAService, scope) cmd.FailOnError(err, "Failed to load credentials and create gRPC connection to SA") sac = bgrpc.NewStorageAuthorityClient(sapb.NewStorageAuthorityClient(conn)) } else { sac, err = rpc.NewStorageAuthorityClient(clientName, amqpConf, scope) cmd.FailOnError(err, "Unable to create SA client") } // TODO(patf): remove once RA.authorizationLifetimeDays is deployed authorizationLifetime := 300 * 24 * time.Hour if c.RA.AuthorizationLifetimeDays != 0 { authorizationLifetime = time.Duration(c.RA.AuthorizationLifetimeDays) * 24 * time.Hour } // TODO(patf): remove once RA.pendingAuthorizationLifetimeDays is deployed pendingAuthorizationLifetime := 7 * 24 * time.Hour if c.RA.PendingAuthorizationLifetimeDays != 0 { pendingAuthorizationLifetime = time.Duration(c.RA.PendingAuthorizationLifetimeDays) * 24 * time.Hour } rai := ra.NewRegistrationAuthorityImpl( clock.Default(), logger, scope, c.RA.MaxContactsPerRegistration, goodkey.NewKeyPolicy(), c.RA.MaxNames, c.RA.DoNotForceCN, c.RA.ReuseValidAuthz, authorizationLifetime, pendingAuthorizationLifetime, pubc) policyErr := rai.SetRateLimitPoliciesFile(c.RA.RateLimitPoliciesFilename) cmd.FailOnError(policyErr, "Couldn't load rate limit policies file") rai.PA = pa raDNSTimeout, err := time.ParseDuration(c.Common.DNSTimeout) cmd.FailOnError(err, "Couldn't parse RA DNS timeout") dnsTries := c.RA.DNSTries if dnsTries < 1 { dnsTries = 1 } if !c.Common.DNSAllowLoopbackAddresses { rai.DNSResolver = bdns.NewDNSResolverImpl( raDNSTimeout, []string{c.Common.DNSResolver}, nil, scope, clock.Default(), dnsTries) } else { rai.DNSResolver = bdns.NewTestDNSResolverImpl( raDNSTimeout, []string{c.Common.DNSResolver}, scope, clock.Default(), dnsTries) } rai.VA = vac rai.CA = cac rai.SA = sac err = rai.UpdateIssuedCountForever() cmd.FailOnError(err, "Updating total issuance count") var grpcSrv *grpc.Server if c.RA.GRPC != nil { var listener net.Listener grpcSrv, listener, err = bgrpc.NewServer(c.RA.GRPC, scope) cmd.FailOnError(err, "Unable to setup RA gRPC server") gw := bgrpc.NewRegistrationAuthorityServer(rai) rapb.RegisterRegistrationAuthorityServer(grpcSrv, gw) go func() { err = grpcSrv.Serve(listener) cmd.FailOnError(err, "RA gRPC service failed") }() } ras, err := rpc.NewAmqpRPCServer(amqpConf, c.RA.MaxConcurrentRPCServerRequests, scope, logger) cmd.FailOnError(err, "Unable to create RA RPC server") go cmd.CatchSignals(logger, func() { ras.Stop() if grpcSrv != nil { grpcSrv.GracefulStop() } }) err = rpc.NewRegistrationAuthorityServer(ras, rai, logger) cmd.FailOnError(err, "Unable to setup RA RPC server") go cmd.DebugServer(c.RA.DebugAddr) go cmd.ProfileCmd(scope) err = ras.Start(amqpConf) cmd.FailOnError(err, "Unable to run RA RPC server") }