Certificate Transparency Monitor

Search the Certificate Transparency logs for TLS certificates issued for any domain. Detect unauthorized certificate issuance, monitor your domains, and identify potential security issues.

What Is Certificate Transparency?

Certificate Transparency (CT) is an open framework that requires every publicly-trusted Certificate Authority (CA) to log every SSL/TLS certificate it issues. These logs are publicly searchable, making it possible to detect unauthorized or mistakenly issued certificates for your domain.

Why Monitor CT Logs?

Detect rogue or mis-issued certificates before they can be used in attacks.
Monitor your domain's certificate lifecycle and renewal schedule.
Identify phishing domains that use similar-looking certificates.
Ensure compliance with organizational security policies.

Data sourced from crt.sh, a public CT log search engine operated by Sectigo.

How This Tool Works

Enter any domain name and we query Certificate Transparency logs to return all certificates ever issued for that domain. Results include the issuing CA, validity dates, serial numbers, and whether wildcard certificates exist. You can use this data to audit your domain security posture.

Related Tools & Guides

Forward DNS Lookup - check A, AAAA, MX, TXT, and NS records for your domain.
HTTP Headers Inspector - verify HSTS and other security headers for your domain.
IP Lookup - view geolocation and network details for any server IP.
Complete Guide to Online Anonymity - protect your identity when browsing the web.

Frequently Asked Questions

Can anyone search CT logs?

Yes. Certificate Transparency logs are public by design. Anyone can query them to find all certificates issued for a given domain, making it a powerful tool for security researchers and domain owners alike.

What is a wildcard certificate?

A wildcard certificate covers a domain and all its subdomains (e.g., *.example.com). This tool flags whether any wildcard certificates have been issued for the queried domain.

How do I detect unauthorized certificates?

Search for your domain in this tool and review the list of issuers. If you see a CA that you did not authorize or certificates you did not request, investigate immediately and consider revoking them.