| ▲ | Ayesh 9 hours ago | |
https://github.com/letsencrypt/boulder You can find a docker-compose.yml file to get some idea. Appears to be using MariaDB. They shut down OCSP responders and expiry email reminders, so there really is no need to have a database apart from rate limits, auth data, and caching. For Certificate Transparency, they are submitted to Google and CloudFlare run trees but I don't think LetsEncrypt run their own logs. | ||
| ▲ | mcpherrinm 6 hours ago | parent | next [-] | |
Let’s Encrypt does operate CT logs. I wrote a blog post about our current-generation logs at https://letsencrypt.org/2024/03/14/introducing-sunlight | ||
| ▲ | nodesocket 9 hours ago | parent | prev [-] | |
I assume they want to store metadata instead of having to pull from the certificates itself, but maybe that’s actually easier and more performant. | ||