This is really cool. I've gone down the rabbit hole of Certificate Transparency to find out how crt.sh gets its information - first time I've even heard that it exists. Also, much better UI than crt.sh. I've tried to go over the information there, but it looks really cumbersome.
Hey HN, I built this after years of dealing with SSL certificate surprises –
expired certs on subdomains nobody knew existed, shadow IT spinning up certs,
the usual 3am outages.
CertRadar has four free tools (no signup, no premium tier):
- CT Log Search – find every certificate ever issued for a domain via
Certificate Transparency logs. Great for discovering forgotten subdomains.
CertRadar has four free tools (no signup, no premium tier):
- CT Log Search – find every certificate ever issued for a domain via Certificate Transparency logs. Great for discovering forgotten subdomains.
- SSL Analyzer – cert chain, TLS versions, HSTS, expiration. Faster than SSL Labs.
- DNS + SSL Check – DNS records and SSL health in one view.
- Security Headers – HSTS, CSP, X-Frame-Options analysis with recommendations.
Built with Rust on GCP Cloud Run. Happy to talk about the architecture or any feedback on what would make these more useful.