This repository has been archived by the owner on Jun 19, 2022. It is now read-only.
ct-tools seems to trip over AIA chasing via crt.sh if input is more than >25-50 certifices #95
Comments
|
Manage to work around it with a bash script... but the issue of AIA chasing is still a valid one I think? ;-) |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Although I know that the AIA chasing via crt.sh was meant as a stopgap measure (I read the comments in the code) I do rely on it for submitting previously unknown certs to CT logs when I don't have the complete chain included. When submitting larger number of certificates the chain building fails and as such incomplete certificates are offered to CT logs with predictable results. Maybe it could be a rate limit bij crt.sh per IP-address?
The text was updated successfully, but these errors were encountered: