Do I need to remove TLS based SCTs straight away?


I setup nginx to send SCTs with the appropriate TLS extension using the nginx-xt module.

Now that Let’s Encrypt is embedding SCTs directly into the certificates I just want to check wether anything will break next time my certificate is renewed by certbot?

(Obviously if it doesn’t break, sending certificate transparency information both ways would be redundant and I’ll be looking at remedying that, just wanted to see how urgent this would be)


Hi @jonnybarnes,

I don’t believe this redundancy should create any problems for clients.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.