Invalid Request response on adding Pre-Certificate chain

[Deeps]

Dear Team,

   We have added the root certificate to the testtube and when we signed leaf cert with root and requested through add-chain we are able to receive the valid response. But when we created pre certificate with Poison OID as per RFC we are receiving Invalid Request for add-pre-chain. (But the same precertificate works with add-chain api).

Please find the pre-certificate signed with root. Kindly let us know are we missing anything.

We have signed the pre certificate directly by Root and not by any dedicated pre certificate CA

Thanks.

[Deeps]

Sorry for the query. We found the POISON OID extension used was not set to critical and it has been resolved. 

Thanks :)

[K T]

> added the root certificate to the testtube 

How did you do this? What's the testtube?

[David Drysdale]

Testtube is one of a set of public test logs that Google runs, to help CAs test the CT part of their issuance process.   To use it, just create a root certificate that complies with the rules and send a request to add it to google-...@googlegroups.com -- we normally add it within a few days. 

Hope that helps,

David

--
You received this message because you are subscribed to the Google Groups "certificate-transparency" group.
To unsubscribe from this group and stop receiving emails from it, send an email to certificate-transparency+unsub...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/certificate-transparency/26e569a3-34f2-49e8-bb0a-a92323c55014%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.

[K T]

Ah, I see. Thanks.