How would you know if there have been any unauthorized SSL certificates issued for your domain? How can you protect your domain name and the people who use your web site from this happening? The CT Search tool makes it quite simple. Just type in your domain name and decide whether to select expired certificates and subdomains. Instantly all certificates from the Google CT logs will be displayed.

The records are sorted by Certification Authority (CA), so you can quickly find and review certificates issued from an unapproved CA. Clicking on the “Subject CN” name will provide the certificate details including the CT logs and all of the domain names (i.e., Subject Alt Names) that the certificate supports.

SSL certificate logs

You can share your CT Search results by clicking “Copy Link to These Results” or if you just want the result for a specific certificate, you can click “Copy Link.” In both cases, a copy of the link will appear on your clipboard allowing you to paste it in an email or document.

Please note that the CT Search is not exhaustive. The found certificates include only:

  • EV certificates that have been valid since January 1, 2015,
  • OV and DV certificates that have been logged by a CA,
  • Certificates that have been found by Google through web searches, and
  • Other certificates that have been posted by third parties.

If you find any unauthorized certificates, you may want to perform a certificate discovery to see if you find other similar certificates.

Protect your brand and your domain name as well as the people who visit your website, try Entrust Datacard’s complimentary Certificate Transparency Search Tool.