Programmatically create account on Boulder with Acme4j

Hi @ryanesch

If you're using Boulder the VA process will log the IP addresses it resolves & uses for validation. E.g.:

I072009 boulder-remoteva 6-nJ7Qk [AUDIT] Validation result JSON={"ID":"186","Requester":99991352,"Hostname":"rand.300c7466.xyz","Challenge":{"type":"tls-alpn-01","status":"valid","token":"jcG840wazZ9PIV-74Zp1VKUlPDW9sIdseZ6vS4Js-Mc","keyAuthorization":"jcG840wazZ9PIV-74Zp1VKUlPDW9sIdseZ6vS4Js-Mc.LelkOAgY6ZHFjo0HDH7-OKNF1xFKI3VNNH1oXSqfPQQ","validationRecord":[{"hostname":"rand.300c7466.xyz","port":"5001","addressesResolved":["10.88.88.88"],"addressUsed":"10.88.88.88"}]},"ValidationLatency":0.036}

The "addressesResolved" and "addressUsed" portions of the validation record are the lookup results from the fake DNS server.

The pebble-challtestsrv used by the Boulder docker environment also logs information at startup that includes what the default fake IP address used for A/AAAA queries will be:

pebble-challtestsrv - 2020/02/20 07:16:22 Creating HTTP-01 challenge server on 10.77.77.77:5002
pebble-challtestsrv - 2020/02/20 07:16:22 Creating HTTPS HTTP-01 challenge server on 10.77.77.77:5001
pebble-challtestsrv - 2020/02/20 07:16:22 Creating TCP and UDP DNS-01 challenge server on :8053
pebble-challtestsrv - 2020/02/20 07:16:22 Creating TCP and UDP DNS-01 challenge server on :8054
pebble-challtestsrv - 2020/02/20 07:16:22 Creating TLS-ALPN-01 challenge server on 10.88.88.88:5001
pebble-challtestsrv - 2020/02/20 07:16:22 Answering A queries with 10.77.77.77 by default
pebble-challtestsrv - 2020/02/20 07:16:22 Starting challenge servers
pebble-challtestsrv - 2020/02/20 07:16:22 Starting management server on :8055

The relevant part is "Answering A queries with 10.77.77.77 by default".

Any explicit mock A/AAAA records added above and beyond the default via the management server are also logged, e.g.:

pebble-challtestsrv - 2020/02/20 07:20:08 Added response for DNS A queries to "rand.300c7466.xyz" : 10.88.88.88

Hope that helps!

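The correlation described in the post above, as an added example that is not part of the original post or of Boulder itself: it reads the `validationRecord` out of a VA audit line and labels each `addressUsed` as coming from an explicit mock record, the challtestsrv default, or neither. The sample lines are constructed (shortened from the formats shown above), and the function names are hypothetical.

```python
import json
import re

# Constructed sample lines, shortened from the log formats shown in the post.
VA_LOG = (
    'I072009 boulder-remoteva 6-nJ7Qk [AUDIT] Validation result JSON='
    '{"ID":"186","Hostname":"rand.300c7466.xyz","Challenge":{"type":"tls-alpn-01",'
    '"status":"valid","validationRecord":[{"hostname":"rand.300c7466.xyz","port":"5001",'
    '"addressesResolved":["10.88.88.88"],"addressUsed":"10.88.88.88"}]}}'
)
CHALLTESTSRV_LOG = """\
pebble-challtestsrv - 2020/02/20 07:16:22 Answering A queries with 10.77.77.77 by default
pebble-challtestsrv - 2020/02/20 07:20:08 Added response for DNS A queries to "rand.300c7466.xyz" : 10.88.88.88
"""

DEFAULT_RE = re.compile(r"Answering A queries with (\S+) by default")
MOCK_RE = re.compile(r'Added response for DNS A queries to "([^"]+)" : (\S+)')
AUDIT_MARK = "Validation result JSON="

def parse_challtestsrv(log_text):
    """Return (default_ip, {hostname: [ips]}) from challtestsrv output."""
    default_ip, mocks = None, {}
    for line in log_text.splitlines():
        if m := DEFAULT_RE.search(line):
            default_ip = m.group(1)
        elif m := MOCK_RE.search(line):
            mocks.setdefault(m.group(1), []).append(m.group(2))
    return default_ip, mocks

def validation_records(va_line):
    """Extract validationRecord entries from one VA audit line, or [] if absent."""
    payload = va_line.partition(AUDIT_MARK)[2]  # "" when the marker is missing
    try:
        result = json.loads(payload)
    except json.JSONDecodeError:
        return []  # not an audit line, or a truncated one
    return result.get("Challenge", {}).get("validationRecord") or []

def explain(va_line, challtestsrv_log):
    """Label each address the VA used as 'mock', 'default' or 'unexpected'."""
    default_ip, mocks = parse_challtestsrv(challtestsrv_log)
    out = []
    for rec in validation_records(va_line):
        used, host = rec.get("addressUsed"), rec.get("hostname")
        source = ("mock" if used in mocks.get(host, [])
                  else "default" if used == default_ip else "unexpected")
        out.append((host, used, source))
    return out
```

An "unexpected" label means the VA resolved the name through something other than the fake DNS server whose log was supplied.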