Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
We discovered a CAA record in our DNS for letsencrypt.org. We have no memory of any sites using certs from letsencrypt. Is there anyway to query to find if there are any certs issues by letsencrypt on our domain? (lifefitness.com)
In addition to crt.sh (which is often helpful but sometimes overloaded & slow), there are other services that can help you search Certificate Transparency logs and notify you about issuances:
I'm guessing you already know this, but such an action would need to have been taken by somebody (or something) with the ability to update your DNS records. Presumably (hopefully?) it was done for a good reason.
