Is it possible to verify the logs of who generated a certificate in crt.sh (Let's Encrypt)?

Currently I have found a certificate that was generated by Let's Encrypt; however, I would like to know how it was generated and perhaps identify who generated it and the time it was generated.
On the crt.sh page I find information such as a URL, but it does not allow me to open the logs.

Could someone help me with this question?
Thank you,

1 Like

crt.sh doesn't have any logs: it just aggregates the certificates submitted to public certificate logs.

Of course Let's Encrypt themselves have a more detailed log, but I'm pretty sure they won't share it with "just anybody" for privacy reasons. But @lestaff can tell you more about that. Perhaps they also can tell us when they do want to share logs and with whom. Might end up to be only law enforcement with the right paperwork, I don't know.

If you're the owner of the domain and you suspect a mis-issuance (i.e., someone managed to get a certificate without the proper authorization), I'm sure Let's Encrypt would like to investigate that. However, if you're not the owner of the domain but just curious, that's almost certainly not enough reason.

4 Likes

@SerC
Please post your domain so we can better assist you.

4 Likes

I'll let other staff chime in with what we can share and dealing with misissuance, but I would start with your hosting provider. A lot of hosting providers use Let's Encrypt automatically on their customers' domains.

3 Likes

Welcome back Phil!! :slight_smile:

4 Likes

Semi-offtopic: I'm curious about this in general, so we might inform users with such questions without mentioning 17 people in a single tag :wink:

1 Like

A good question at that! I think typically the SRE team are the ones to go to for that - maybe we should start a Lounge thread about when/how to use the lestaff tag?

2 Likes

Hello, thank you very much for responding so promptly.
The domain is located with the Network Solutions provider. I also thought that it had bought them automatically, but I have not yet been able to validate; I do not know if this provider has that possibility.

On the other hand I would not like to share this domain for security reasons. However, I am grateful if you can tell me how I can proceed to make validations and verify who generated the certificates and where they were generated.

Thanks again for your responses. I am new to the platform and maybe I did not know if I put the case correctly.

2 Likes

We don't disclose account information or validation details in most cases, but I hope this will help:

  • The "Not Before" date/time you see in crt.sh is exactly one hour before the certificate was successfully requested and issued. (This is to accommodate clients with clocks that are off by one hour, which is common in places that observe Daylight Savings Time.)

  • I happen to know that Network Solutions' "domain parking" service does use Let's Encrypt certificates. If you registered your domain with their default settings, their system very probably requested the certificate as part of adding your domain to parking.

If there's a suspicious certificate that really doesn't seem like it could have been issued by a hosting/domain/CDN/SaaS provider you use, then there is a direct contact for you to report the details so we can investigate. In almost every case, though, we find it's a hosting provider and respond with a template that's just the information above.

5 Likes
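The timing detail in the staff reply above can be applied to the CT records for a domain you own. The following is an added example, not code from this thread or from Let's Encrypt; it assumes the field names of crt.sh's JSON output (`issuer_name`, `serial_number`, `name_value`, `not_before`, `entry_timestamp`) and runs over constructed records for example.com.

```python
import json
from datetime import datetime, timedelta

# Constructed sample shaped like crt.sh JSON output (field names are an
# assumption about that output; all values are made up for example.com).
SAMPLE = json.dumps([
    {"id": 1001, "issuer_name": "C=US, O=Let's Encrypt, CN=R3", "serial_number": "03aa",
     "name_value": "example.com", "not_before": "2021-03-01T12:00:00",
     "entry_timestamp": "2021-03-01T13:00:04.512"},   # precertificate entry
    {"id": 1002, "issuer_name": "C=US, O=Let's Encrypt, CN=R3", "serial_number": "03aa",
     "name_value": "example.com", "not_before": "2021-03-01T12:00:00",
     "entry_timestamp": "2021-03-01T13:00:09.100"},   # final certificate, same serial
    {"id": 1003, "issuer_name": "C=US, O=Example CA, CN=Example Issuing CA",
     "serial_number": "0f01", "name_value": "example.com",
     "not_before": "2021-03-15T00:00:00", "entry_timestamp": "2021-03-15T00:02:00.000"},
    {"id": 1004, "issuer_name": "C=US, O=Let's Encrypt, CN=R3", "serial_number": "04bb",
     "name_value": "example.com\nwww.example.com", "not_before": "2021-04-30T08:15:30",
     "entry_timestamp": "2021-04-30T09:15:41.007"},
])

# Per the staff reply above: "Not Before" is set one hour before issuance.
BACKDATE = timedelta(hours=1)

def parse_ts(value):
    # Drop fractional seconds so one format covers both timestamp fields.
    return datetime.strptime(value.split(".")[0], "%Y-%m-%dT%H:%M:%S")

def issuance_timeline(raw_json, issuer_substr="Let's Encrypt"):
    """One record per certificate serial, with the estimated issuance time."""
    by_serial = {}
    for row in json.loads(raw_json):
        if issuer_substr not in row["issuer_name"]:
            continue  # issued by a different CA
        logged = parse_ts(row["entry_timestamp"])
        seen = by_serial.get(row["serial_number"])
        # Precertificate and final certificate share a serial: keep the earliest log time.
        if seen is None or logged < seen["first_logged"]:
            by_serial[row["serial_number"]] = {
                "serial": row["serial_number"],
                "names": sorted(set(row["name_value"].split("\n"))),
                "estimated_issued": parse_ts(row["not_before"]) + BACKDATE,
                "first_logged": logged,
            }
    return sorted(by_serial.values(), key=lambda r: r["estimated_issued"])

if __name__ == "__main__":
    for cert in issuance_timeline(SAMPLE):
        print(cert["serial"], cert["estimated_issued"].isoformat(),
              cert["first_logged"].isoformat(), ",".join(cert["names"]))
```

The estimated issuance times can then be compared with the dates you registered the domain or enabled a hosting, parking or CDN service.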
