How many certificates have been signed from Let's Encrypt?


#1

Just curious, is there any place I can see a number which indicates how many certificates have been signed from Let’s Encrypt? Or is there any reason this kind of information shouldn’t be public? The serial number doesn’t look helpful.


#2

https://letsencrypt.org/stats is the secret place to look. Ssh! :wink:


#3

@jcjones ooh nice and pretty :sunglasses:


#4

did i read that correctly 106k domains whitelisted buy only 6100 domain registrations ?

also what are pending challenges ? why so high a number ?


#5

106k whitelisted, but 6100 certificates. Many certificates have a SAN with >1 domain.

Pending challenges will always be high, because while the server issues X challenges at a time (4 right now), the client only has to solve a subset (1 right now).


#6

i see

forgot about SAN domain SSL :slight_smile:


#7

So is it possible to have another measure that, how many individual domains have had at least one certificate signed from Let’s Encrypt?


#8

It’s possible, but actually the Boulder data model doesn’t give us an easy way to grab that data; we’d have to parse every certificate to obtain it, so no easy SQL.

It may be just as easy to process that from a Certificate Transparency log, actually.


#9

at https://crt.sh/?Identity=%&iCAID=7395 there are now 6,408 certificates.

but some (like me) are duplicated N times (888 2 or more , with 30 more than6 time)


#10

fo you also have the number of whitelisting over time? just curious.


#11

The data structure for the whitelist doesn’t include timestamps, so I’d have to get it from the audit logs I’m afraid.