I want to implement Signed Exchange within my website. I know that, in production, a certificate with the CanSignHttpExchanges extension is needed for the signed exchange. My website is hosted on AWS and I have bought the SSL certificate of my domain from SSL Store. Now I want to buy certificate from Google CA so that I can get support of CanSignHttpExchanges extension.
Now, my questions are :
if I buy a certificate from Gooogle CA, then does the support of "CanSignHttpExchanges" extension comes by default? If not, how can I get the support?
How can I add the certificate in my website?
Is there a way to auto update the certificate periodically?
This is a question about the Google CA rather than the Let's Encrypt CA, but this forum is meant for questions about Let's Encrypt rather than other CAs' services.
On the other hand, I haven't found any way on Google's site to ask questions about Google Trust Services.
The Google Trust Services CPS does contemplate issuance of certificates for SXP, but that doesn't necessarily mean that there's a way for the general public to get them.
@rmhrisk, can you answer @Shuvo-Hoque's question, or suggest a place where people can get support or ask questions about Google Trust Services?
I can't seem to find it at the moment, but I swear I had a link to a Github project that talked about how to request SXG certs from Google Trust Services. All I have in my notes though is that you need to use this directory endpoint instead of the normal one: