Cert Spotter monitors public Certificate Transparency logs and alerts you when a digital certificate is issued for one of your domains
How Cert Spotter Works
About Certificate Transparency
Certificate Transparency is a system for publicly logging digital certificates. Domain owners can monitor Certificate Transparency logs to discover certificates for their domains. Certificate Transparency helps you detect authorized but undocumented certificates as well as unauthorized certificates that were issued because of a security compromise. Armed with this information, you can assess the security impact and take appropriate action, such as revoking the bad certificates.
Certificate Transparency logs are designed to resist malfeasance. Each log is an append-only, auditable cryptographic structure called a Merkle tree (similar in spirit to the Bitcoin blockchain): the log periodically signs its current tree head, and anyone can check that a newer tree head still contains everything an older one did, so a certificate, once logged, cannot be quietly removed. To keep logs honest, independent auditors continuously monitor logs to ensure they are behaving correctly.
Certificate Transparency was launched by Google in 2013 to solve the trust problems with the Web's PKI. The protocol is published by the IETF as RFC 6962 and is being further standardized there. Learn more at www.certificate-transparency.org
Anyone can submit a certificate to a Certificate Transparency log as long as the certificate was issued by a publicly trusted certificate authority (note that some logs only accept certificates from certain CAs). A certificate can be submitted by the certificate authority when issuing it, or by third parties that scan the Internet for certificates.
The following certificates are submitted to CT logs:
- Extended validation (EV) certificates
- All certificates issued by the following CAs:
- Certificates that are detected when crawling web pages and doing Internet-wide scans.
Certificate Transparency logs provide a simple public API to retrieve certificates and audit the log for correct operation. However, the API is primitive: it is only possible to retrieve certificates by their position in the log. To discover all certificates for a domain, one must download every single log entry from every log server, and parse each one.
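As an added illustration of what "retrieve certificates by their position in the log" means in practice (example code written for this page, not part of the Cert Spotter service or the open-source certspotter program), the following decodes the MerkleTreeLeaf structure that a log returns from its get-entries endpoint, far enough to pull out the certificate bytes, and shows the index-based paging a monitor has to perform. The sample response, the placeholder certificate bytes and the function names are constructed for the example.

```python
"""Decoding CT log entries (added example, not Cert Spotter's code).

GET /ct/v1/get-entries?start=S&end=E returns JSON whose "leaf_input" is the
base64 TLS-encoded MerkleTreeLeaf of RFC 6962 section 3.4. Entries are
addressable only by index, so a monitor must walk [0, tree_size) in pages
and decode every leaf to find the certificates it cares about.
"""
import base64
import struct

X509_ENTRY, PRECERT_ENTRY = 0, 1


def parse_merkle_tree_leaf(leaf: bytes) -> dict:
    """Decode a v1 timestamped_entry MerkleTreeLeaf.

    Layout: version(1) leaf_type(1) timestamp(8) entry_type(2), then
      x509_entry   : ASN.1Cert as opaque<1..2^24-1>  (3-byte length prefix)
      precert_entry: issuer_key_hash(32) + TBSCertificate opaque<1..2^24-1>
    followed by CtExtensions as opaque<0..2^16-1> (2-byte length prefix).
    For a precert the full precertificate chain lives in "extra_data".
    """
    version, leaf_type, timestamp_ms, entry_type = struct.unpack(">BBQH", leaf[:12])
    if version != 0 or leaf_type != 0:
        raise ValueError("not a v1 timestamped_entry leaf")
    pos = 12
    out = {"timestamp_ms": timestamp_ms, "entry_type": entry_type}
    if entry_type == PRECERT_ENTRY:
        out["issuer_key_hash"] = leaf[pos:pos + 32]
        pos += 32
    elif entry_type != X509_ENTRY:
        raise ValueError(f"unknown entry_type {entry_type}")
    cert_len = int.from_bytes(leaf[pos:pos + 3], "big")
    pos += 3
    out["certificate"] = leaf[pos:pos + cert_len]   # DER certificate or TBSCertificate
    pos += cert_len
    ext_len = int.from_bytes(leaf[pos:pos + 2], "big")
    pos += 2
    out["extensions"] = leaf[pos:pos + ext_len]
    if pos + ext_len != len(leaf):
        raise ValueError("trailing bytes after MerkleTreeLeaf")
    return out


def parse_get_entries_response(body: dict) -> list[dict]:
    """Decode each entry of a get-entries JSON response."""
    return [parse_merkle_tree_leaf(base64.b64decode(e["leaf_input"]))
            for e in body["entries"]]


def get_entries_pages(start: int, tree_size: int, page: int):
    """Yield inclusive (start, end) index ranges covering [start, tree_size).

    A log may return fewer entries than requested; a real client advances
    start by the number of entries actually received, not by the page size.
    """
    while start < tree_size:
        end = min(start + page, tree_size) - 1
        yield start, end
        start = end + 1


def _encode_leaf(timestamp_ms: int, entry_type: int, cert: bytes,
                 issuer_key_hash: bytes = b"") -> bytes:
    """Build a leaf (constructed test data; the inverse of parse_merkle_tree_leaf)."""
    header = struct.pack(">BBQH", 0, 0, timestamp_ms, entry_type) + issuer_key_hash
    return header + len(cert).to_bytes(3, "big") + cert + (0).to_bytes(2, "big")


# Constructed sample response: a tiny placeholder blob stands in for real DER.
FAKE_CERT = b"\x30\x03\x02\x01\x01"
SAMPLE_RESPONSE = {"entries": [
    {"leaf_input": base64.b64encode(
        _encode_leaf(1700000000000, X509_ENTRY, FAKE_CERT)).decode(), "extra_data": ""},
    {"leaf_input": base64.b64encode(
        _encode_leaf(1700000001000, PRECERT_ENTRY, FAKE_CERT, b"\x11" * 32)).decode(),
     "extra_data": ""},
]}

if __name__ == "__main__":
    for entry in parse_get_entries_response(SAMPLE_RESPONSE):
        print(entry["entry_type"], entry["timestamp_ms"], len(entry["certificate"]), "bytes")
    print(list(get_entries_pages(0, 2500, 1000)))
```

The paging generator is the whole point of the "primitive API" remark: there is no query by domain, so a monitor that wants every certificate for example.com has to fetch and decode every leaf from index 0 to the current tree size, for every log.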
This is where Cert Spotter comes in. Cert Spotter monitors logs for you. We download, process, and index every certificate from every known log. You can retrieve certificates by domain name using a simple JSON API, or subscribe to notifications of new certificates. You'll receive an alert whenever a certificate is detected, and you'll be able to review all detected certificates from an easy web dashboard.
Cert Spotter is also available as an open source program if you don't mind setting it up yourself.
Cert Spotter assumes an adversarial model in which an attacker produces a certificate that is accepted by at least some clients but goes undetected because of an encoding error that prevents CT monitors from understanding it. To defend against this attack, Cert Spotter uses a special certificate parser that keeps the certificate unparsed except for the identifiers. If one of the identifiers matches a domain on your watchlist, you will be notified, even if other parts of the certificate are unparsable.
Cert Spotter takes special precautions to ensure identifiers are parsed correctly, and implements defenses against identifier-based attacks. For instance, if a DNS identifier contains a null byte, Cert Spotter interprets it as two identifiers: the complete identifier, and the identifier formed by truncating at the first null byte. For example, a certificate for example.org\0.example.com will alert the owners of both example.org and example.com. This defends against null prefix attacks.
Cert Spotter understands wildcard and redacted DNS names, and will alert you if a wildcard or redacted certificate might match an identifier on your watchlist. For example, a watchlist entry for sub.example.com would match certificates for *.example.com or ?.example.com.
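The three points above (identifier-only parsing, NUL splitting, wildcard and redacted matching) in one added example. This is illustrative code written for this page, not Cert Spotter's parser; the SubjectAltName bytes, the watchlist and the function names are constructed for the example. It reads only the GeneralNames inside a SubjectAltName extension value, skipping entries it does not understand by their DER length, so a malformed neighbour cannot hide a dNSName; it then expands NUL-containing names and matches them against a watchlist in which a '*' or '?' label stands for any single label. The matching goes slightly beyond the page's own example: an identifier also matches a watchlist entry when it is a subdomain of it, which is what makes example.org\0.example.com alert the owner of example.com.

```python
"""Tolerant SubjectAltName scanner (added example, not Cert Spotter's code)."""

DNS_NAME_TAG = 0x82   # GeneralName dNSName: [2] IMPLICIT IA5String
SEQUENCE_TAG = 0x30


def _read_tlv(buf: bytes, pos: int):
    """Read one DER TLV at buf[pos]; return (first tag byte, value, next_pos).

    High-tag-number forms are skipped over, not decoded: the only tags this
    scanner acts on are single-byte. Raises ValueError on truncation.
    """
    if pos >= len(buf):
        raise ValueError("truncated DER")
    tag = buf[pos]
    pos += 1
    if tag & 0x1F == 0x1F:                       # high-tag-number form
        while pos < len(buf) and buf[pos] & 0x80:
            pos += 1
        pos += 1
    if pos >= len(buf):
        raise ValueError("truncated DER")
    length = buf[pos]
    pos += 1
    if length & 0x80:                            # long-form length
        n = length & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("bad DER length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("DER value overruns buffer")
    return tag, buf[pos:pos + length], pos + length


def dns_names_from_san(extn_value: bytes) -> list[str]:
    """Return every dNSName in a SubjectAltName extension value.

    Other GeneralName choices (iPAddress, otherName, ...) are skipped by
    length without being parsed, so a malformed or unknown entry does not
    hide the DNS names next to it. Names are decoded as Latin-1 so every
    byte, including NUL, survives unchanged.
    """
    tag, body, _ = _read_tlv(extn_value, 0)
    if tag != SEQUENCE_TAG:
        raise ValueError("SubjectAltName is not a SEQUENCE")
    names, pos = [], 0
    while pos < len(body):
        try:
            tag, value, pos = _read_tlv(body, pos)
        except ValueError:
            break                                # trailing garbage: keep what we have
        if tag == DNS_NAME_TAG:
            names.append(value.decode("latin-1"))
    return names


def identifiers_from_name(name: str) -> list[str]:
    """A NUL inside a name yields two identifiers: the full name and the
    prefix before the first NUL, which is what a C-string client sees."""
    ids = [name]
    if "\x00" in name:
        ids.append(name.split("\x00", 1)[0])
    return ids


def matches(watch: str, ident: str) -> bool:
    """True if ident is watch, a subdomain of watch, or a wildcard/redacted
    name that could stand for watch. Labels are compared from the right;
    a '*' or '?' label in the certificate matches exactly one label."""
    w = watch.lower().split(".")
    i = ident.lower().split(".")
    if len(i) < len(w):
        return False
    tail = i[len(i) - len(w):]
    return all(a == b or a in ("*", "?") for a, b in zip(tail, w))


def scan(extn_value: bytes, watchlist: list[str]) -> dict[str, list[str]]:
    """Map each watchlist entry to the sorted identifiers that match it."""
    idents = [i for n in dns_names_from_san(extn_value) for i in identifiers_from_name(n)]
    return {w: sorted(i for i in idents if matches(w, i)) for w in watchlist}


def _tlv(tag: int, content: bytes) -> bytes:
    """Encode a short DER TLV (for constructing test data only)."""
    assert len(content) < 128
    return bytes([tag, len(content)]) + content


# Constructed SubjectAltName value (not from any real certificate): an otherName
# with deliberately malformed contents, a dNSName with an embedded NUL, a
# wildcard dNSName, an iPAddress, and a redacted dNSName.
SAMPLE_SAN = _tlv(SEQUENCE_TAG,
                  _tlv(0xA0, b"\x06\x03\x2a\x03\x04\xff")          # otherName, broken
                  + _tlv(DNS_NAME_TAG, b"example.org\x00.example.com")
                  + _tlv(DNS_NAME_TAG, b"*.example.com")
                  + _tlv(0x87, bytes([192, 0, 2, 1]))              # iPAddress 192.0.2.1
                  + _tlv(DNS_NAME_TAG, b"?.example.com"))

WATCHLIST = ["example.org", "example.com", "sub.example.com", "example.net"]

if __name__ == "__main__":
    for watch, hits in scan(SAMPLE_SAN, WATCHLIST).items():
        print(watch.ljust(18), "->", [h.replace("\x00", "<NUL>") for h in hits])
```

Note what a strict parser would do with the same input: the broken otherName would make it reject the whole extension, and the certificate would sail past the monitor unnoticed even though it names *.example.com in plain sight. The tolerant scanner never decodes the otherName at all; it only needs its length.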
Cert Spotter is not just a log monitor but also a log auditor: it checks that the log is obeying its append-only property, that is, that each new signed tree head is consistent with the ones that came before it.
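How an auditor checks the append-only property, as an added example (written for this page, not Cert Spotter's code) covering both the Merkle tree described under About Certificate Transparency and the auditing claim above. The log side computes tree heads and a consistency proof exactly as RFC 6962 section 2.1 defines them (the same values a log serves from get-sth-consistency); the auditor side runs the verification procedure from RFC 9162 section 2.1.4.2 against the old and new tree heads. The leaves are constructed placeholder strings, and checking the log's signature on each tree head is left out.

```python
"""Merkle tree heads and consistency proofs (added example, not Cert Spotter's code)."""
import hashlib


def _leaf_hash(data: bytes) -> bytes:
    return hashlib.sha256(b"\x00" + data).digest()      # domain-separated leaf


def _node_hash(left: bytes, right: bytes) -> bytes:
    return hashlib.sha256(b"\x01" + left + right).digest()  # interior node


def _largest_power_of_two_below(n: int) -> int:
    k = 1
    while k * 2 < n:
        k *= 2
    return k


def tree_head(leaves: list[bytes]) -> bytes:
    """MTH(D[n]) from RFC 6962 section 2.1."""
    n = len(leaves)
    if n == 0:
        return hashlib.sha256(b"").digest()
    if n == 1:
        return _leaf_hash(leaves[0])
    k = _largest_power_of_two_below(n)
    return _node_hash(tree_head(leaves[:k]), tree_head(leaves[k:]))


def consistency_proof(m: int, leaves: list[bytes]) -> list[bytes]:
    """PROOF(m, D[n]) from RFC 6962 section 2.1.2: the log's side."""
    def subproof(m, d, b):
        n = len(d)
        if m == n:
            return [] if b else [tree_head(d)]
        k = _largest_power_of_two_below(n)
        if m <= k:
            return subproof(m, d[:k], b) + [tree_head(d[k:])]
        return subproof(m - k, d[k:], False) + [tree_head(d[:k])]
    if not 0 < m <= len(leaves):
        raise ValueError("need 0 < m <= n")
    return subproof(m, leaves, True)


def verify_consistency(first: int, second: int, first_hash: bytes,
                       second_hash: bytes, path: list[bytes]) -> bool:
    """Auditor's side, RFC 9162 section 2.1.4.2.

    Returns True only if the tree of size `second` with head `second_hash`
    extends the tree of size `first` with head `first_hash`, i.e. nothing
    logged before the old tree head was altered or dropped.
    """
    if not path or not 0 < first < second:
        return False
    path = list(path)
    if first & (first - 1) == 0:             # first is a power of two
        path.insert(0, first_hash)
    fn, sn = first - 1, second - 1
    while fn & 1:                             # step 4: align to a full subtree
        fn >>= 1
        sn >>= 1
    fr = sr = path[0]
    for c in path[1:]:
        if sn == 0:
            return False                      # more path than tree
        if fn & 1 or fn == sn:
            fr = _node_hash(c, fr)            # c is a left sibling of both
            sr = _node_hash(c, sr)
            while fn != 0 and not fn & 1:
                fn >>= 1
                sn >>= 1
        else:
            sr = _node_hash(sr, c)            # c only extends the new tree
        fn >>= 1
        sn >>= 1
    return fr == first_hash and sr == second_hash and sn == 0


# Constructed leaves standing in for seven logged certificates.
LEAVES = [f"cert-{i}".encode() for i in range(7)]

if __name__ == "__main__":
    old, new = tree_head(LEAVES[:3]), tree_head(LEAVES)
    print("honest log :", verify_consistency(3, 7, old, new, consistency_proof(3, LEAVES)))
    forked = LEAVES[:1] + [b"cert-1-rewritten"] + LEAVES[2:]
    print("rewrote #1 :", verify_consistency(3, 7, old, tree_head(forked), consistency_proof(3, forked)))
```

The forked case is the attack auditing exists to catch: a log that replaces an entry after signing a tree head can still produce a well-formed proof for the new tree, but no proof can reconcile it with the head it already signed, and the auditor ends up holding two signed tree heads that are cryptographic evidence of misbehaviour.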