I wonder if someone could help me with a somewhat strange problem I have.
The domain we own is quazartech.com, which I manage and don’t actually have any problem with. In the process of setting up LetsEncrypt on another domain, I was led to SSLMate’s CertSpotter, and I figured I may as well set it up for this domain as well.
I find there are a large number of CA Certs issued to “sdkm.quazartech.com”. Each of these certificates includes about 50 domains, each with a seemingly random 4 letter prefix subdomain on a different root domain. These are all issued by Let’s Encrypt. I do not know what this subdomain is. I have checked our DNS records, and no such entry exists. I do not know what these certificates are, who they are being used by, or for what.
Should I be worried? Is there a way for me to invalidate these certificates?