
Show HN: Certificate Transparency Log Monitor - agwa
https://sslmate.com/certspotter
======
y0ghur7_xxx
This is really nice. I have been using the atom feed provided by
[https://crt.sh/](https://crt.sh/) and an ifttt recipe to send me an email
when a new cert is logged¹, but this service looks really nice and made
exactly for this purpose.

¹[https://www.linickx.com/monitor-for-fake-certificates-with-certificate-transparency](https://www.linickx.com/monitor-for-fake-certificates-with-certificate-transparency)

edit: my ifttt recipe: [https://ifttt.com/recipes/444453-get-notified-when-a-certificate-for-your-domain-is-submitted-to-a-certificate-log-server](https://ifttt.com/recipes/444453-get-notified-when-a-certificate-for-your-domain-is-submitted-to-a-certificate-log-server)

~~~
praseodym
[https://ctadvisor.lolware.net](https://ctadvisor.lolware.net) does about the
same.

~~~
technion
Thank you for mentioning my service.

When I first posted it on HN, it went offline literally seconds later in the
Linode DDoS (it's now on AWS). Naturally, it's largely flown under the radar
since.

------
0xmohit
Also worth looking at is Google's Certificate Transparency project [0], [1].

    
    
      Certificate Transparency makes it possible to detect SSL
      certificates that have been mistakenly issued by a certificate
      authority or maliciously acquired from an otherwise
      unimpeachable certificate authority. It also makes it possible
      to identify certificate authorities that have gone rogue and
      are maliciously issuing certificates.
    

Certificate Transparency Lookup Tool [2].

[0] [https://www.certificate-transparency.org/](https://www.certificate-transparency.org/)

[1] [https://github.com/google/certificate-transparency](https://github.com/google/certificate-transparency)

[2] [https://www.google.com/transparencyreport/https/ct/](https://www.google.com/transparencyreport/https/ct/)

~~~
prdonahue
Yes, they're monitoring these CT logs.

------
michaelmior
Interesting to see how CloudFlare is generating certificates. I never looked
very closely at the certificate for my domains but I see they batch them
together with others. This happens to contain all the domains I have
registered with my CloudFlare account.

    
    
      *.cobaltlightning.com
      cobaltlightning.com
      *.crimsonapparel.com.au
      crimsonapparel.com.au
      *.davesweboflies.com
      davesweboflies.com
      *.drjoe.ca
      drjoe.ca
      *.echointeltech.com
      echointeltech.com
      *.goel.io
      goel.io
      *.hodinhvietnam.com
      hodinhvietnam.com
      *.mior.ca
      mior.ca
      *.odesaemlak.com
      odesaemlak.com
      *.ontariogradnet.ca
      ontariogradnet.ca
      *.personalinjury-solicitorsbirmingham.co.uk
      personalinjury-solicitorsbirmingham.co.uk
      sni26843.cloudflaressl.com
      *.szerverit.hu
      szerverit.hu
      *.teveo.com.co
      teveo.com.co

~~~
agwa
Yup, Ted Cruz learned about this the hard way ;-)

[http://arstechnica.com/information-technology/2015/03/ted-cruz-for-presidents-ssl-certificate-nigerian-prince-headache/](http://arstechnica.com/information-technology/2015/03/ted-cruz-for-presidents-ssl-certificate-nigerian-prince-headache/)

------
bks
Is there something like this that:

1. checks to see if there is a certificate issue for the domain

2. If yes, checks exp date, issuer and certificate file

3. Logs / triggers an event

4. If No, logs / triggers an event

~~~
technion
Can you clarify how what you're looking for is different to "alert me if a
certificate is created"?

