Is there a feed of all domains signed by Let's Encrypt?

Does Let’s Encrypt offer a feed of all domains you have signed? I think that might be a good source of information for anti-phishing organizations (like the APWG) who want to be aware of the use of domains such as “paypal.com.evilhackersite.com”.

Let’s Encrypt logs all issued certificates to public Certificate Transparency log servers. These certificates can be retrieved by anyone, using the mechanism described in RFC 6962. A number of other CAs participate in Certificate Transparency as well, and Chrome is going to enforce this by November, so by then all newly-issued certificates should be logged.

https://crt.sh/ is one site you can use to search through all certificates known to Certificate Transparency log servers. I think they support RSS if you want to automate a search in some way.

2 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.