Back to Tools
Certificate Transparency Search
Search CT logs — find all SSL certificates issued for any domain.
This tool is being set up. Backend processing coming soon. In the meantime, review the reference guide below and use the CLI equivalent.
What Is Certificate Transparency?
Certificate Transparency (CT, RFC 6962) is a system for logging and monitoring SSL certificate issuance. Every publicly-trusted Certificate Authority must submit issued certificates to CT logs. These logs are append-only, publicly auditable, and cryptographically verifiable. Browsers require CT proofs (Signed Certificate Timestamps) for certificates to be trusted.
Why CT matters: Before CT, a rogue or compromised CA could issue a certificate for your domain without your knowledge. With CT, every certificate is publicly logged. You can search CT logs to detect unauthorized certificate issuance — a key signal of domain hijacking or CA compromise.
Using CT for Security Monitoring
1. Detect phishing certificates: Search for your domain periodically. Unknown certificates from unfamiliar CAs may indicate a phishing campaign targeting your users.
2. Monitor subdomain certificates: Wildcard certificates show up for *.example.com, but individual subdomain certificates reveal which subdomains exist publicly.
3. Verify Let's Encrypt automation: If you use Let's Encrypt with auto-renewal, CT logs confirm certificates are being renewed on schedule.
4. Certificate lifecycle visibility: See when certificates were issued, when they expire, and which CA issued them — useful for inventory management.
CLI Equivalent
curl -s "https://crt.sh/?q=%25.example.com&output=json" | jq .