1. Home
  2. Projects
  3. Certificate Transparency Monitor

Certificate Transparency Monitor

Introduction

Certificate Transparency is a system for monitoring and auditing publicly-trusted SSL certificates. This website monitors Certificate Transparency log servers to check that they are behaving correctly.

Logs

Show:

Log URL Newest verified STH timestamp (UTC) Status Uptime
Akamai https://ct.akamai.com 2015-07-27 17:28:48 Ceased N/A
Behind The Sofa https://ct.filippo.io/behindthesofa 2018-04-19 05:58:47 Warning 98.83%
Certly https://log.certly.io 2016-04-30 17:59:42 Ceased N/A
Cloudflare Nimbus 2017 https://ct.cloudflare.com/logs/nimbus2017 2018-01-03 18:35:08 Frozen 99.87%
Cloudflare Nimbus 2018 https://ct.cloudflare.com/logs/nimbus2018 2018-04-19 15:06:04 Bad 99.86%
Cloudflare Nimbus 2019 https://ct.cloudflare.com/logs/nimbus2019 2018-04-19 15:02:05 Good 99.87%
Cloudflare Nimbus 2020 https://ct.cloudflare.com/logs/nimbus2020 2018-04-19 15:04:05 Good 99.87%
Cloudflare Nimbus 2021 https://ct.cloudflare.com/logs/nimbus2021 2018-04-19 15:00:06 Good 99.86%
CNNIC https://ctserver.cnnic.cn 2018-04-19 14:22:39 Good 99.61%
Comodo Dodo https://dodo.ct.comodo.com 2018-04-19 15:09:56 Warning 99.75%
Comodo Mammoth https://mammoth.ct.comodo.com 2018-04-19 15:11:46 Good 99.68%
Comodo Sabre https://sabre.ct.comodo.com 2018-04-19 15:08:30 Good 99.83%
ctlog.keysupport.org https://ctlog.keysupport.org N/A Pending 99.81%
DigiCert 1 https://ct1.digicert-ct.com/log 2018-04-19 03:00:54 Good 99.78%
DigiCert 2 https://ct2.digicert-ct.com/log 2018-04-19 03:00:39 Good 99.69%
DigiCert Golem https://golem.ct.digicert.com/log N/A Pending 99.79%
DigiCert Nessie 2018 https://nessie2018.ct.digicert.com/log 2018-04-19 03:00:40 Good 99.79%
DigiCert Nessie 2019 https://nessie2019.ct.digicert.com/log 2018-04-19 03:00:17 Good 99.79%
DigiCert Nessie 2020 https://nessie2020.ct.digicert.com/log 2018-04-19 03:00:18 Good 99.79%
DigiCert Nessie 2021 https://nessie2021.ct.digicert.com/log 2018-04-19 03:00:20 Warning 99.79%
DigiCert Nessie 2022 https://nessie2022.ct.digicert.com/log 2018-04-19 03:00:19 Good 99.80%
DigiCert Yeti 2018 https://yeti2018.ct.digicert.com/log 2018-04-19 03:00:38 Good 99.78%
DigiCert Yeti 2019 https://yeti2019.ct.digicert.com/log 2018-04-19 03:00:06 Good 99.78%
DigiCert Yeti 2020 https://yeti2020.ct.digicert.com/log 2018-04-19 03:00:14 Good 99.79%
DigiCert Yeti 2021 https://yeti2021.ct.digicert.com/log 2018-04-19 03:00:49 Good 99.80%
DigiCert Yeti 2022 https://yeti2022.ct.digicert.com/log 2018-04-19 03:00:26 Good 99.78%
GDCA 1 https://log.gdca.com.cn 2018-04-19 15:06:01 Warning 99.77%
GDCA 2 https://log2.gdca.com.cn 2018-04-19 15:04:00 Good 99.86%
GDCA 2 (Old Key) https://log2.gdca.com.cn 2017-09-07 20:11:06 Ceased N/A
GDCA (Old 1) https://ct.gdca.com.cn 2018-04-19 15:04:48 Warning 90.04%
GDCA (Old 2) https://ctlog.gdca.com.cn 2018-04-19 15:07:33 Warning 99.58%
Google Argon 2017 https://ct.googleapis.com/logs/argon2017 2018-04-19 14:57:15 Good 99.87%
Google Argon 2018 https://ct.googleapis.com/logs/argon2018 2018-04-19 15:11:08 Good 99.88%
Google Argon 2019 https://ct.googleapis.com/logs/argon2019 2018-04-19 15:09:31 Good 99.88%
Google Argon 2020 https://ct.googleapis.com/logs/argon2020 2018-04-19 15:10:48 Good 99.88%
Google Argon 2021 https://ct.googleapis.com/logs/argon2021 2018-04-19 15:07:32 Good 99.88%
Google Aviator https://ct.googleapis.com/aviator 2016-11-30 13:24:18 Frozen 99.88%
Google Daedalus https://ct.googleapis.com/daedalus 2018-04-19 13:58:41 Good 99.88%
Google Icarus https://ct.googleapis.com/icarus 2018-04-19 14:36:09 Good 99.88%
Google Pilot https://ct.googleapis.com/pilot 2018-04-19 14:25:42 Good 99.88%
Google Rocketeer https://ct.googleapis.com/rocketeer 2018-04-19 13:57:20 Good 99.88%
Google Skydiver https://ct.googleapis.com/skydiver 2018-04-19 14:02:02 Good 99.87%
Google Submariner https://ct.googleapis.com/submariner 2018-04-19 14:53:56 Good 99.88%
Google Test Tube https://ct.googleapis.com/testtube 2018-04-19 14:50:21 Good 99.88%
Google Xenon 2018 https://ct.googleapis.com/logs/xenon2018 2018-04-19 14:26:51 Good 99.88%
Google Xenon 2019 https://ct.googleapis.com/logs/xenon2019 2018-04-19 14:26:54 Good 99.88%
Google Xenon 2020 https://ct.googleapis.com/logs/xenon2020 2018-04-19 14:26:57 Good 99.87%
Google Xenon 2021 https://ct.googleapis.com/logs/xenon2021 2018-04-19 14:26:50 Good 99.88%
Google Xenon 2022 https://ct.googleapis.com/logs/xenon2022 2018-04-19 14:26:57 Good 99.87%
Izenpe https://ct.izenpe.com 2016-10-25 07:25:56 Ceased N/A
Izenpe Argi https://ct.izenpe.eus 2017-06-05 09:53:01 Ceased N/A
Izenpe Pilot https://ct.izenpe.com/pilot 2016-05-14 19:41:49 Ceased N/A
Let's Encrypt Clicky https://clicky.ct.letsencrypt.org 2017-06-02 07:58:06 Ceased N/A
Let's Encrypt Oak https://oak.ct.letsencrypt.org/oak N/A Pending 85.34%
NORDUnet Flimsy https://flimsy.ct.nordu.net N/A Ceased N/A
NORDUnet Plausible https://plausible.ct.nordu.net 2018-04-19 15:02:17 Warning 99.80%
PuChuangSiDa https://www.certificatetransparency.cn/ct 2017-05-12 02:40:17 Ceased N/A
SHECA https://ct.sheca.com 2018-04-19 15:03:18 Warning 93.20%
SHECA (Old) http://ctlog.sheca.com 2017-03-23 09:47:08 Ceased N/A
SSLWatcher.com Alpha https://alpha.ctlogs.org N/A Ceased N/A
StartCom https://ct.startssl.com 2018-04-18 05:52:18 Bad 98.14%
Symantec https://ct.ws.symantec.com 2018-04-19 13:00:45 Good 99.86%
Symantec Deneb https://deneb.ws.symantec.com 2018-04-19 13:00:00 Good 99.79%
Symantec Sirius https://sirius.ws.symantec.com 2018-04-19 13:00:02 Good 99.85%
Symantec Vega https://vega.ws.symantec.com 2018-04-19 13:00:07 Good 99.80%
Venafi https://ctlog.api.venafi.com 2017-11-03 19:36:02 Ceased N/A
Venafi Gen2 https://ctlog-gen2.api.venafi.com 2018-04-19 15:12:40 Warning 99.82%
WoSign https://ctlog.wosign.com 2018-04-18 02:39:01 Bad 95.70%
WoSign 2 https://ctlog2.wosign.com 2017-09-13 00:59:26 Ceased N/A
WoSign 3 https://ctlog3.wosign.com 2017-09-25 05:49:12 Ceased N/A
WoSign (Old) https://ct.wosign.com 2016-04-14 03:22:46 Ceased N/A
WoTrus https://ctlog.wotrus.com 2018-04-19 14:52:10 Good 99.61%
WoTrus 3 https://ctlog3.wotrus.com 2018-04-18 05:29:49 Bad 98.09%

The list of logs is also available in JSON format at /logs.json. The schema is identical to the schema used by the official log_list.json and all_logs_list.json files, with the following exceptions:

Monitors

Gossip is exchanged with the following monitors:

Monitor URL
Cert Spotter https://certspotter.com
Chromium STHSets https://clients2.google.com/service/update2/crx
Google https://www.gstatic.com/ct/gossip

Signed Tree Head gossip

Two API endpoints are provided for exchanging STH gossip:

Both return all the STHs observed over the last hour, so there is little point in querying them more than once every 30 minutes. If you use one of these endpoints, I'd appreciate being able to fetch gossip from your monitor in return. In particular, the /ct/v1/sth-gossip endpoint doesn't support exchanging gossip in both directions. Get in touch with me if you want to organise this.

Signed Certificate Timestamp gossip

An experimental API endpoint is provided for submitting SCT gossip:

The monitor checks that the corresponding entries are included in the log after the log's Maximum Merge Delay has elapsed. Although the results of this check are stored in the database, they are not currently displayed in the web interface.

Tor

This website is also available as a Tor hidden service at ctgpe2yc6ez56dhwd5hpj2tdkiuz4m5iy7347cpzmxyacphl72dmfyqd.onion (supported by Tor versions >= 0.3.2) or ctgpe47oofn4ov5v.onion if you want to exchange gossip while remaining anonymous.

Methodology

I've put up a page describing the methodology used by the monitor. If the monitor displays a warning or bad status for a log, you should read the methodology page before reporting it to the log operator (or even better, get in touch, as the web interface doesn't present all of the available data). In particular, the backend is hosted from a residential Internet connection and network outages may cause false positives.