Hi I have a test cert submitted to the google CT log "testtube" at
ct.googleapis.com/testtube but how to retrieve this cert from the log server to prove that it is submitted?
I tried to use a tool "ctclient"
./ctclient
Need command argumentUsage: ctclient [options] <cmd>
where cmd is one of:
sth retrieve signed tree head
upload upload cert chain and show SCT (needs -cert_chain)
getroots show accepted roots
getentries get log entries (needs -first and -last)
./ctclient --help
Usage of ./ctclient:
-allow_verification_with_non_compliant_keys
Allow a SignatureVerifier to use keys which are technically non-compliant with RFC6962.
-cert_chain string
Name of file containing certificate chain as concatenated PEM files
-first int
First entry to get (default -1)
-last int
Last entry to get (default -1)
-log_uri string
-pub_key string
Name of file containing log's public key
-text
Display certificates as text (default true)
But problem is that I don't know the range of the cert when run "getentries". Is there any simple way to retrieve the cert if I know the cert PEM file (full information etc.)?
Thanks