3.2.1.4.2.1.4.3.1 Initial Certificate Transparency Request

  • Article

In addition to the processing rules defined in section 3.2.1.4.2.1.4, the CA MUST perform the following processing on the certificate request:

  1. If the Config_CertificateTransparency_Enabled flag (section 3.2.1.1.4) is not set, reject the request with a nonzero error.

  2. Process the request as defined in section 3.2.1.4.2.1.4.1 and construct a precertificate to be returned to the client as specified in section 3.2.1.4.2.1.4.7, with the addition of the precertificate poison extension, as defined in [RFC6962].