Certificates, PKI, Certificate Transparency tools to check

by butsch 3. January 2018 15:20


With the Website crt.sh you can search what Google and other API providers know about a DOMAIN related to issue Certificates.

You can Wildcard search for a Domain you want to get a quick overview of the Certificates they used. (If the customer or internal IT does not know even know they have Certs as example).

Query: https://crt.sh/?q=%25.computerladen.ch

Related site which explains it:

https://www.certificate-transparency.org/what-is-ct (text below from that website)

What is Certificate Transparency?

Certificate Transparency aims to remedy these certificate-based threats by making the issuance and existence of SSL certificates open to scrutiny by domain owners, CAs, and domain users. Specifically, Certificate Transparency has three main goals:

  • Make it impossible (or at least very difficult) for a CA to issue a SSL certificate for a domain without the certificate being visible to the owner of that domain.
  • Provide an open auditing and monitoring system that lets any domain owner or CA determine whether certificates have been mistakenly or maliciously issued.
  • Protect users (as much as possible) from being duped by certificates that were mistakenly or maliciously issued.

Certificate Transparency satisfies these goals by creating an open framework for monitoring the TLS/SSL certificate system and auditing specific TLS/SSL certificates. This open framework consists of three main components, which are described below. Sample which shows usage of crt.sh





Comments are closed

Werbung von Drittfirmen (Nicht Butsch Informatik):

Werbung von Drittfirmen via Google Adsense: