What is Certificate Transparency

Why logging SSL certificates makes the internet safer

Certificate Transparency is a mechanism used to publicly log SSL certificates, this helps website owners and watchdogs detect mis-issuance.

Of all the threats facing the SSL industry, mis-issuance is among the most dangerous. A mis-issuance happens when a Certificate Authority issues an SSL certificate improperly. This could on account of incorrect information in the CSR, the certificate being issued to the wrong person or it could even mean the entire CA is compromised.

Starting March 1, 2018, every SSL certificate that is issued will be logged. This will be done at the CA level and will have absolutely no impact on the website or its users. Typically if a CA fails to log a certificate, Google’s web-crawlers will log it within a few days. But you may still want to double-check before installing the certificate.

The CT logs are fully searchable, you should be able to find your own SSL certificate in it. Overall this is good for the entire SSL ecosystem because, as the name suggests, it provides a great degree of transparency into what the CAs are doing with regard to validation and issuance.

If you would like to learn more about Certificate Transparency, here is an in-depth look.

  • 0 Users Found This Useful
     Was this answer helpful?

Related Articles

 What is the Difference Between SHA-2 and SHA-2-Full-Chain

While you’re generating your SSL/TLS Certificate you may see an option to select a from 2 different hashing algorithms. You’re given a choice between SHA-2 and FULL SHA-2. SHA-2 is also sometimes referred to as SHA-256. But what’s the difference,...

 How to Check a Certificate’s Expiration Date (Chrome)

Get certificate information on any website in just a few clicks. Checking your SSL certificate’s expiration date on Google Chrome is fairly easy. Depending on which version of Chrome you’re running, it can be done within just a few clicks. Here’s...

 Troubleshooting Insecure Content

One of the most common issues site owners run into when installing and SSL certificate and migrating to HTTPS is Insecure Content. This error is produced when content on a secure website is being loaded through a non-secure source. An example...

 Troubleshooting a Name Mismatch in Web Browser

A Name Mismatch in the Web Browser occurs when the common name listed on an SSL certificate doesn’t match the name displayed in the URL bar. In order for an encrypted connection to commence, both the name on the certificate and the name in the URL...

 Explaining the Chain of Trust

A brief overview of PKI (Private Key Infrastructure) and why your certificate is trusted. One of the most common questions we field is in relation to the “Chain of Trust.” If you’ve ever had any questions about roots, intermediates or how SSL...

Powered by WHMCompleteSolution