Concerns about: disable the “reuse valid authorizations”


#1

Ref: February 13, 2019: End-of-Life for All TLS-SNI-01 Validation Support

yes, “reuse valid authorizations” was always a problem for developing a client.
But, disabling it worries me much more: we have no other way to test this “reuse valid authorizations” feature in staging servers.
The only way would be testing against the production server.

Do you have any suggestions ?

Thanks.


#2

I would suggest installing a copy of boulder locally which would give you finer grain control over the flags and setup for the specific feature you’re testing. You can also do the same in CI/CD type scenarios, most support docker type dependencies, or at the very least the ability to spin up your own containers prior to tests. Sure, this won’t necessarily be a production ready type test, you’d miss network or environment failures and things like that. But for testing specific features I think it makes sense. That said, boulder isn’t the easiest of codebases to navigate so that can be a small downside.

Personally I think it makes sense to test these things against local instances first, right. At the very least, it’s being a good citizen so you’re not spamming their servers at the unit or integration testing level. I view the staging servers as something that is more designed to be used by end users to test their client is actually going to work for their setup, not for client developers - but that’s just my own opinion.

NB: I don’t think pebble supports auth re-use, so yeah, boulder.