Certificate Transparency Search
Every TLS certificate ever issued for a domain, straight from the public CT logs. Great for finding forgotten subdomains and spotting unauthorized issuance.
About Certificate Transparency Search
Certificate Transparency Search queries the public CT logs (via crt.sh) to return every publicly-trusted TLS certificate that has ever been issued for a domain. Since 2018, Chrome and other major browsers refuse to trust any publicly-issued certificate that is not logged, so CT is effectively a global, tamper-evident ledger of the entire public TLS ecosystem — a gold mine for reconnaissance, incident response, subdomain discovery, and detection of unauthorized certificate issuance.
For each certificate we show the common name, issuing CA, validity window, the number of Subject Alternative Names, and a direct link to the full record on crt.sh. Because SANs are indexed, requesting a domain with 'include subdomains' will surface hostnames you may have forgotten about — dev, staging, internal-*.example.com, one-off marketing subdomains — anything that has ever received a certificate. That's often the fastest way to enumerate the true attack surface of a target.
Combine CT Search with our CAA Lookup (which CAs are allowed to issue) and SSL Checker (what's live right now) for a complete picture of your TLS story. Security teams use it to spot mis-issuance immediately; DevOps teams use it to inventory certificates before a CA migration; bug-bounty hunters use it to discover overlooked hosts.
How to use this tool
- 1Enter the required value in the input field above (domain, IP, URL, or text depending on the tool).
- 2Click the action button to run the check — results are computed instantly from our edge network.
- 3Review the parsed output, key fields and any warnings shown in the result card.
- 4Copy the result, share the page URL, or jump to a related tool from the sidebar to continue debugging.
Key features
- Every certificate ever logged, straight from crt.sh
- Optional subdomain expansion for full attack surface
- Issuer breakdown — spot rogue CAs at a glance
- Active vs expired badge on every row
- Direct crt.sh deep-link on each certificate ID