Is it possible to find out the history of issuers of SSL certificates for a particular website? For example if a website had a cert issued from one company A originally, then the website had a new certificate issued from company B? Would I be able to find out who company A was and the time the Cert was issued from start to end date? In this scenario I don't have access to the server hosting the website. I've tried looking at the certificate info via web browsers, I don't seem to see any such records.
1
-
This information isn’t categorized for a lot of reasons, a certificate is signed by the Root CA, and most individuals with a certificate only use the single certificate for that specific use. When that certificate expires, a new certificate is generated, and the old certificate is retired. What purpose would a database of expired or revoked certificate serve?– RamhoundCommented Jun 29, 2023 at 13:51
Add a comment
|
2 Answers
In general, no. You would have to manually monitor those changes ahead of time. Current certificates don't have any link to previous ones.
That said, Sectigo's certificate log collector: https://crt.sh/ does scan most major public certificate authority logs like Digicert's, and snapshots SSL certificates going back up to 10 years, but may not necessarily monitor the websites you need.
answered Jun 29, 2023 at 13:51
-
-
@Ramhound It's slow and sometimes times out but ultimately works after a few tries. Commented Jun 29, 2023 at 13:53
-
2crt.sh isn't crawling public websites, instead it is a search of the issuers CT logs (the CAs put on a public log every time they issue a cert) Commented Jun 29, 2023 at 13:55
-
You can try to search on some Certificate Transparency search engine.
The prime example of such a tool is crt.sh by Sectigo's Rob Stradling.
The way those work is by using the data from the Certificate Transparency logs that record all certificates issued by publicly trusted certificate authorities.
answered Jun 29, 2023 at 13:51
