https://github.com/letsencrypt/boulder You can find a docker-compose.yml file to... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		Ayesh 1 day ago \| parent \| context \| favorite \| on: 10 Years of Let's Encrypt https://github.com/letsencrypt/boulder You can find a docker-compose.yml file to get some idea. Appears to be using MariaDB. They shut down OCSP responders and expiry email reminders, so there really is no need to have a database apart from rate limits, auth data, and caching. For Certificate Transparency, they are submitted to Google and CloudFlare run trees but I don't think LetsEncrypt run their own logs.

mcpherrinm 1 day ago | [–]

Let’s Encrypt does operate CT logs. I wrote a blog post about our current-generation logs at https://letsencrypt.org/2024/03/14/introducing-sunlight

nodesocket 1 day ago | [–]

I assume they want to store metadata instead of having to pull from the certificates itself, but maybe that’s actually easier and more performant.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact