Hello, is there any information about when the public domain suffix list used for production is updated or any way to trigger an update?
We got two domains added in publicsuffix/list#779 which was merged March 29th and incorporated into publicsuffix-go. But it’s now nearly 2 months later and boulder points to commit 34e9f3829 which is a few hours and exactly one commit too old to include our domains.
We (somewhat foolishly) launched a product using the domains now without checking that the rate limits actually changed, and pretty quickly started running into the limit since each user gets their own subdomain+wildcard underneath it.
@cpu sorry to ping you but it seems you’ve helped others with this in the past.
Like you noticed in the Boulder Godeps.json Boulder consumes the master public suffix data via a Go dependency called publicsuffix-go. That dependency gets ~daily automatic updates from the master data.
We don't update the publicsuffix-go dependency on any fixed schedule. I typically do it when someone asks I'll open a pull-request for this in a moment.. Here's a PR to update it. After the dependency is updated it will be ~1 week before the staging and production environments are updated.
We would like to be able to consume data updates outside of Boulder release cycles but the required work has been in the backlog for quite a while.
Your timing was lucky and I managed to get the dependency update into this week’s release. If everything proceeds normally the production environment will have the new PSL data on Thursday May 23rd. You can follow the Let’s Encrypt status page to see when this release is deployed. There is always a status update pointing to the release tag/diff.
welcome to the community forum.