cts-submit

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

cts-submit

A. Schulze
Hello,

experiments with nginx-ct ¹) show that I need a tool to submit a certificate to some public logs.
cts-submit ²) seems useful. But it require me to install php on every host :-/

I know there are also python implementations. but
is anybody aware of an implementation in *plain posix shell + openssl* ?

Andreas



¹) https://github.com/grahamedgecombe/nginx-ct
²) https://github.com/jbvignaud/cts-submit
_______________________________________________
nginx mailing list
[hidden email]
http://mailman.nginx.org/mailman/listinfo/nginx
Reply | Threaded
Open this post in threaded view
|

Re: cts-submit

Ángel
On 2017-11-26 at 14:17 +0100, A. Schulze wrote:
> Hello,
>
> experiments with nginx-ct ¹) show that I need a tool to submit a certificate to some public logs.
> cts-submit ²) seems useful. But it require me to install php on every host :-/
>
> I know there are also python implementations. but
> is anybody aware of an implementation in *plain posix shell + openssl* ?
>
> Andreas

Doesn't your CA already submit them to the Certificate Transparency
logs?

_______________________________________________
nginx mailing list
[hidden email]
http://mailman.nginx.org/mailman/listinfo/nginx
Reply | Threaded
Open this post in threaded view
|

Re: cts-submit

nginx mailing list
You can use ct-submit, once built the binary can be copied and run on any system without any dependencies.


On Mon, Nov 27, 2017 at 10:21 PM, Ángel <[hidden email]> wrote:
On 2017-11-26 at 14:17 +0100, A. Schulze wrote:
> Hello,
>
> experiments with nginx-ct ¹) show that I need a tool to submit a certificate to some public logs.
> cts-submit ²) seems useful. But it require me to install php on every host :-/
>
> I know there are also python implementations. but
> is anybody aware of an implementation in *plain posix shell + openssl* ?
>
> Andreas

Doesn't your CA already submit them to the Certificate Transparency
logs?

_______________________________________________
nginx mailing list
[hidden email]
http://mailman.nginx.org/mailman/listinfo/nginx


_______________________________________________
nginx mailing list
[hidden email]
http://mailman.nginx.org/mailman/listinfo/nginx
Reply | Threaded
Open this post in threaded view
|

Re: cts-submit

A. Schulze
In reply to this post by Ángel


Am 27.11.2017 um 22:21 schrieb Ángel:

> On 2017-11-26 at 14:17 +0100, A. Schulze wrote:
>> Hello,
>>
>> experiments with nginx-ct ¹) show that I need a tool to submit a certificate to some public logs.
>> cts-submit ²) seems useful. But it require me to install php on every host :-/
>>
>> I know there are also python implementations. but
>> is anybody aware of an implementation in *plain posix shell + openssl* ?
>>
>> Andreas
>
> Doesn't your CA already submit them to the Certificate Transparency
> logs?

I think LE in my case does. But at the end of the day I need a simple program to fetch
Signed Certificate Timestamp data from one/multiple logs.

Installing php or go (even only for compiling) is inconvenient for me.

Are there other ways to only /fetch/ signed certificate timestamp data?

Andreas
 
_______________________________________________
nginx mailing list
[hidden email]
http://mailman.nginx.org/mailman/listinfo/nginx