No CT logs for

My company is having issues with an SSO implementation for and I noticed there is no CT log for this leaf certificate, only the related precertificates and I am speculating that this is causing an issue somewhere along the line. I found this issue because I wanted to look at CT information for this cert and also noticed that the server sends the Expect-CT header.

Apologies if I am missing something or not understanding this correctly. Maybe I am not searching correctly.

At this point the Expect-CT header is really only useful for reporting purposes, as all browsers now check for CT. As the certificate as valid SCTs embedded, any browser validation will succeed.

Do you have more detail on the issue?

After looking into it further, I realized that every Cloudflare SSL certificate is like this where only the precertificates can be found in CT logs so I decided that is probably not the issue with this SSO implementation.

The services where I’m seeing this behavior are Certificate Transparency Search API by SSLMate


This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.