Hi,
On Thu, Apr 28, 2016 at 02:43:27PM -0700, flex zone wrote:
> I'm trying to submit my certificatechain to some log servers but getting
> this error:
>
> *unexpected status 400 Bad Request from log server:*
>
> *{ "error_message": "could not verify certificate chain", "success": false
> }*
Logs only accept submissions of certificates that chain up to one of
their accepted roots. You can use the /ct/v1/get-roots endpoint to get a
list of the root certs a log accepts.
In your case I suspect that the IdenTrust root certificate, which Let's
Encrypt certs chain up to, is not accepted by the logs you are having
problems with.
Graham