List All Certificates Issued for a Domain
The certificate transparency project maintains logs of all certificates issued. My understanding is that this was originally started by Google, but is now a distributed trust network where all CAs submit certificates to at least two “public logs.” This means that there is a collective, verifiable data about all trusted certificates on the Internet. From a security perspective it is helpful to have a full inventory of all certificates issued for your domain(s). More importantly is knowing when illegitimate certificates have been issued, due to a rogue or reckless CA or the failure of internal approval processes. A few companies have built tools and services to monitor the transparency logs to report this information. ...