Find all certificates issued for a domain via Certificate Transparency logs. Free CT log search.
Certificate Transparency (CT) is a system where CAs log every issued certificate to public, append-only logs. This tool searches those logs for certificates that have been issued for a given domain or hostname. You can discover all certs that contain your domain in the subject or SANs, including certs you did not request (e.g. misissued or from another team). Use it for security monitoring, to detect unauthorized issuance, to see when and by which CA a cert was issued, and to audit which hostnames are covered across your organization. Results are based on publicly available CT log data and may have a short delay. The tool does not issue or revoke certificates; it only queries existing log entries.
Public logs where CAs record every issued certificate. Browsers expect certs to be in CT logs for trust.
To see all certs issued for it, catch unauthorized issuance, or verify that your new cert appears in the logs.
Logs are updated as CAs submit; there can be a delay of minutes. Old certs remain searchable.
Some tools support searching by certificate fingerprint or serial. Check the search options.
Major public CAs log to CT. Browsers require CT for publicly trusted certs. Internal or private CAs may not.