diff --git a/errors/errors.go b/errors/errors.go index 94625d7bbf6..861d54ad177 100644 --- a/errors/errors.go +++ b/errors/errors.go @@ -121,6 +121,13 @@ func DuplicateCertificateError(msg string, args ...interface{}) error { } } +func FailedValidationError(msg string, args ...interface{}) error { + return &BoulderError{ + Type: RateLimit, + Detail: fmt.Sprintf(msg+": see https://letsencrypt.org/docs/failed-validation-limit/", args...), + } +} + func RejectedIdentifierError(msg string, args ...interface{}) error { return New(RejectedIdentifier, msg, args...) } diff --git a/ra/ra.go b/ra/ra.go index d918aa4da44..53e2d8f3503 100644 --- a/ra/ra.go +++ b/ra/ra.go @@ -568,7 +568,7 @@ func (ra *RegistrationAuthorityImpl) checkInvalidAuthorizationLimit(ctx context. noKey := "" if count.Count >= limit.GetThreshold(noKey, regID) { ra.log.Infof("Rate limit exceeded, InvalidAuthorizationsByRegID, regID: %d", regID) - return berrors.RateLimitError("too many failed authorizations recently") + return berrors.FailedValidationError("too many failed authorizations recently") } return nil } diff --git a/ra/ra_test.go b/ra/ra_test.go index 497628eaf24..1a781df22dd 100644 --- a/ra/ra_test.go +++ b/ra/ra_test.go @@ -1025,7 +1025,7 @@ func TestAuthzFailedRateLimitingNewOrder(t *testing.T) { err := ra.checkInvalidAuthorizationLimits(ctx, Registration.Id, []string{"charlie.brown.com", "all.i.do.is.lose.com"}) test.AssertError(t, err, "checkInvalidAuthorizationLimits did not encounter expected rate limit error") - test.AssertEquals(t, err.Error(), "too many failed authorizations recently: see https://letsencrypt.org/docs/rate-limits/") + test.AssertEquals(t, err.Error(), "too many failed authorizations recently: see https://letsencrypt.org/docs/failed-validation-limit/") } testcase() @@ -2115,7 +2115,7 @@ func TestNewOrderCheckFailedAuthorizationsFirst(t *testing.T) { }) test.AssertError(t, err, "expected error for domain with too many failures") - test.AssertEquals(t, err.Error(), "too many failed authorizations recently: see https://letsencrypt.org/docs/rate-limits/") + test.AssertEquals(t, err.Error(), "too many failed authorizations recently: see https://letsencrypt.org/docs/failed-validation-limit/") } // mockSAUnsafeAuthzReuse has a GetAuthorizations implementation that returns