Does Let's Encrypt have a public SSL directory?

I read somewhere that every SSL certificate registered through Let’s Encrypt is posted in a public directory somewhere, and that this is done because Let’s Encrypt believes in transparency regarding who uses their SSL certificates, but I haven’t been able to find any further information to back up this claim.

Is this true, or did the source have that information wrong?

I have some personal subdomains that I would like to secure with Let’s Encrypt, but if there’s any chance of someone finding those subdomains by way of this public SSL directory, I may have to use a different SSL provider for those ones.

Yes, any certificate you get will be publicly accessible, whether or not you get it from Let's Encrypt.

All CA certificates can be found here https://crt.sh/?, regardless of its source. If you don't want it available in a public database, you'll have to use self-signed certificates.

Honestly, if you don't want your subdomains publicly accessible, why are you putting them on the internet? Security through obscurity, and all that.


Historically we have seen many problems with public CAs creating poor quality certificates, or even issuing certificates that should never have existed. Google grew tired of this some years ago and instituted Certificate Transparency logging. https://www.certificate-transparency.org/

The CT logs accept any certificates that “chain” back to a public CA and they can provide cryptographic proof that a certificate was shown to them at a particular moment in time, called an SCT. Google requires SCTs for any EV certificate and expects to begin requiring them for other certificates eventually. The log servers can be monitored, using a Log Monitor, of which https://crt.sh/ is one popular example. One purpose of monitoring is to ensure that your names aren’t unexpectedly issued any certificates. Facebook already reported an example where a sub-contractor obtained Facebook sub-domain certificates in defiance of Facebook policy, which they couldn’t have detected without monitoring.

Some public CAs, of which Let’s Encrypt is one, voluntarily log all certificates; others don’t yet. Google also requires two CAs to log all their certificates because their past behaviour makes them hard to trust; these are Symantec and CNNIC. Most other CAs are moving to either logging everything, or logging by default with an option to not log if you understand the consequences (your certificates might stop working in Chrome / Android).

Google’s web crawler adds any certificates it sees to the CT logs. So a “personal” subdomain that’s actually just on the public Internet will most likely sooner or later be found by the crawler, indexed and added to the CT logs anyway.

Several research groups also perform their own web crawls; they collect all certificates, regardless of whether they chain back to a trusted root. If your server is on the public Internet it is essentially inevitable that these crawls will collect your certificates eventually.

If you don’t want something accessed over the public Internet, I would strongly recommend simply not connecting it to the public Internet at all.

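The monitoring use case described above (checking that nobody has issued certificates for your names that you did not ask for) can be automated against a log monitor's output. The script below is an added example, not code from the thread or from Let's Encrypt; it assumes the JSON shape of crt.sh's `output=json` query (fields `id`, `issuer_name`, `name_value`, `not_before`) and runs on a constructed sample rather than a live query.

```python
import json
from typing import List, Set, Tuple

# Constructed sample in the shape of crt.sh's JSON output
# (https://crt.sh/?q=%25.example.com&output=json). Field names are an
# assumption about that format; the values are made up for this example.
SAMPLE_CRTSH_JSON = json.dumps([
    {"id": 1, "issuer_name": "C=US, O=Let's Encrypt, CN=R3",
     "name_value": "www.example.com\nexample.com", "not_before": "2023-01-10T00:00:00"},
    {"id": 2, "issuer_name": "C=US, O=Let's Encrypt, CN=R3",
     "name_value": "staging.example.com", "not_before": "2023-02-01T00:00:00"},
    {"id": 3, "issuer_name": "C=XX, O=Some Other CA, CN=Some Other CA Issuing",
     "name_value": "vpn.example.com", "not_before": "2023-03-05T00:00:00"},
    {"id": 4, "issuer_name": "C=US, O=Let's Encrypt, CN=R3",
     "name_value": "shop.other-example.org", "not_before": "2023-03-06T00:00:00"},
])


def in_scope(name: str, domain: str) -> bool:
    """True for the domain itself and any subdomain; a wildcard label counts as in scope."""
    name = name.lower()
    if name.startswith("*."):
        name = name[2:]
    return name == domain or name.endswith("." + domain)


def find_unexpected(crtsh_json: str, domain: str, expected_issuers: Set[str],
                    known_names: Set[str]) -> List[Tuple[int, str, str]]:
    """Return (cert id, name, reason) for every in-scope name that was either
    issued by a CA you did not authorise or is not in your own inventory."""
    findings = []
    for entry in json.loads(crtsh_json):
        # name_value lists every SAN in the certificate, newline separated
        for name in entry["name_value"].split("\n"):
            name = name.strip().lower()
            if not name or not in_scope(name, domain):
                continue  # someone else's certificate that shares the search result
            if entry["issuer_name"] not in expected_issuers:
                findings.append((entry["id"], name, "unexpected issuer: " + entry["issuer_name"]))
            if name not in known_names:
                findings.append((entry["id"], name, "name not in inventory"))
    return findings


if __name__ == "__main__":
    for cert_id, name, reason in find_unexpected(
            SAMPLE_CRTSH_JSON, "example.com",
            {"C=US, O=Let's Encrypt, CN=R3"}, {"example.com", "www.example.com"}):
        print(f"cert {cert_id}: {name}: {reason}")
```

In practice the inventory is the list of certificates you actually requested, so a staging name you forgot to record shows up as a finding too, which is the point of reconciling the log against your own records.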

I think @tialaramex's description of the situation is right: while there are other certificate authorities that don't currently log DV certificate issuance publicly, there are efforts to change that (either by eventually requiring public logging in order for browsers to accept the certs, or by having users and/or crawl machines try to publicly log and report every certificate that they become aware of).

If your site is only meant to be used by a specific group of people (like employees of a particular company), you could use a private CA that you create to issue the certificates for it, and then have those people add that private CA to their trusted list in their browsers or operating systems. In this case, security researchers and advocates generally don't think that your end-entity certificates would need to be made public in order to protect other Internet users (because the other users wouldn't accept those if they encountered them). You can also make your private CA name-constrained so that it's only trusted by your users to issue certs under a particular domain, so they don't have to trust you with the power to certify arbitrary things on the Internet.


This is some great information, thanks! I had no idea that SSL certificate information was published publicly, so this is definitely handy to know for the future.

I’ve now rethought some of my subdomains and moved them over to subfolders where possible, so now the subdomains won’t show up in the certificates, which should add a bit more privacy and security.

Probably not.
