Home/Tools/Certificate Transparency Lookup

Certificate Transparency Lookup

Discover all SSL/TLS certificates issued for any domain. Find subdomains, detect phishing, monitor unauthorized certificate issuance, and investigate security threats using public CT logs.

Try:

How it works:

This tool queries public Certificate Transparency logs to discover all SSL/TLS certificates issued for a domain, including subdomains and historical certificates. Results are cached for 24 hours.

Need Professional IT Services?

Our IT professionals can help optimize your infrastructure and improve your operations.

Get Free ConsultationView Services

Understanding Certificate Transparency

Certificate Transparency (CT) is an Internet security standard and open framework for monitoring and auditing SSL/TLS certificates. Established by Google in 2013 and formalized in RFC 6962, CT requires all publicly trusted Certificate Authorities to log every certificate they issue in publicly accessible, cryptographically-assured logs.

Why CT Exists

Before CT, Certificate Authorities could issue certificates without public oversight, leading to security incidents where rogue or compromised CAs issued fraudulent certificates for major domains (e.g., DigiNotar breach 2011).

CT solves this by creating an immutable, public audit trail that makes it impossible to issue certificates in secret.

How It Works

  1. 1. CA issues a certificate for a domain
  2. 2. CA submits certificate to public CT logs
  3. 3. CT log returns a Signed Certificate Timestamp (SCT)
  4. 4. Certificate includes SCT as proof of logging
  5. 5. Browsers verify SCT and reject certificates without CT logging
  6. 6. Anyone can query CT logs to discover all certificates

Key Security Terms

Understand the essential concepts behind this tool

X.509 Certificate

A digital certificate standard that binds a public key to an identity, enabling encrypted connections and authentication.

Learn more →

Certificate Transparency (CT)

A public logging system that records all SSL/TLS certificates, enabling detection of misissued or malicious certificates.

Learn more →

Public Key Infrastructure (PKI)

A framework of policies, processes, and technologies for managing digital certificates and public-key encryption.

Learn more →

Certificate Authority (CA)

A trusted entity that issues, validates, and revokes digital certificates used for secure communications.

Learn more →
View all terms in our glossary →

Frequently Asked Questions

Common questions about the Certificate Transparency Lookup

Certificate Transparency (CT) is an Internet security standard established by Google in 2013 and formalized in RFC 6962. It requires all publicly trusted Certificate Authorities to log every SSL/TLS certificate they issue in publicly accessible, cryptographically-assured logs. This creates an immutable audit trail that enables domain owners to monitor certificate issuance for their domains and detect misissued or malicious certificates.
Read More

Explore More Tools

Continue with these related tools

Security
🔐

Password Strength Checker

Test your password strength and get recommendations for improvement

Try it now
Security
🔑

Password Generator

Generate secure random passwords with customizable options

Try it now
Security
🔍

CVE Vulnerability Search

Search and analyze CVE vulnerabilities with CVSS calculator

Try it now

⚠️ Security Notice

This tool is provided for educational and authorized security testing purposes only. Always ensure you have proper authorization before testing any systems or networks you do not own. Unauthorized access or security testing may be illegal in your jurisdiction. All processing happens client-side in your browser - no data is sent to our servers.