Hello. Could someone please tell me if it is possible to look up the registrant details for a particular certificate?
I believe that have been scammed by a website. I am trying to investigate this as much as I can in order to possibly pass details on to Law Enforcement. I have done a WHOIS lookup on the website in question and no records are available. However, I have discovered that the website in question has an SSL certificate granted by Let’s Encrypt.
Is there any way that I can use any of the data from the certificate to see to who it is registered?
Note that a law enforcement entity could, itself, serve a subpoena on Let’s Encrypt in the course of its own investigation. Let’s Encrypt is likely to have less information than the domain registrar, because it asks subscribers for less information—no name or address is requested, and even the e-mail address is optional—and because (unlike domain registrars) it doesn’t collect payments for its services.
Looking at the legal transparency reports at
it’s been extremely rare for Let’s Encrypt to be the recipient of legal requests, perhaps because of the extremely tiny amount of non-public information Let’s Encrypt possesses about its users.
This policy shows that information about users generally can’t be given out to the public.