CERTIFICATE TRANSPARENCY

Better Certificate Monitoring. Improving Website Security.

As the internet continues to sprawl, more and more SSL/TLS certificates are needed to keep data secure. With so many to manage, improperly or maliciously issued certificates can easily slip through the cracks, threatening the stability and security of the entire SSL/TLS ecosystem.

That's why as of October 1, 2017, all public certificates issued will be required to support Certificate Transparency. Learn more about Certificate Transparency and how Symantec can help you get the most out of this emerging industry standard with our helpful infographic breakdown.

DOWNLOAD PDF

How Certificate Transparency Works

WHO LOGS CERTIFICATES

How Certificaate Transparency Works

Certificate Authority (CA)

Authenticates and verifies identity; issues certificate

How Certificaate Transparency Works
How Certificaate Transparency Works

Website Crawlers

How Certificaate Transparency Works

Certificate Authorities

How Certificaate Transparency Works

Browser Vendors

How Certificaate Transparency Works

Web Users

How Certificaate Transparency Works

Anyone

How Certificaate Transparency Works

CAs log SSL/TLS certificates as part of issuance process

How Certificaate Transparency Works

Third parties seek out, find, and log certificates to promote system transparency

How Certificaate Transparency Works
How Certificaate Transparency Works

Public Certificate Transparency Log Server

How Certificaate Transparency Works

WHO ACCESSES THE LOGS

How Certificaate Transparency Works

Business or Domain Owners / IT

How Certificaate Transparency Works

Web Browsers & Data Aggregators

How Certificaate Transparency Works

Certificate Checkers

How Certificaate Transparency Works

Security Professionals and Applications

Key stakeholders and interested parties can easily monitor the logs to quickly identify and mitigate maliciously or mis-issued certificates.

SYMANTEC CRYPTOREPORT

Determine Your Certificate Transparency

You can also check for Certificate Transparency in the certificate details. If you are using certificates issued before October 1, 2017, you may need to upgrade, replace or reissue your certificate. If your website is not CT-compliant with logged certificates, users may see warnings in Google Chrome.

 

If you want to hide the details of your private website, choose 'Root domain names only' when enrolling new certificates. This is covered by the latest version of the Internet Engineering Task Force (IETF) standards but may not be respected by all browsers or Certificate Transparency logs.

SEE THE REPORT

SYMANTEC CRYPTOREPORT

Protect and Manage

Protect Your Digital Brand

Protect Your Digital Brand

Now it's easier for browsers to spot phishing sites and fake certificates, strengthening trust.

Spot Certificate / Identity Issues

Spot Certificate / Identity Issues

Reveal improperly issued certificates by cross-checking them against public logs.

Maintain Privacy

Maintain Privacy

Symantec supports emerging standards to protect the details of internal, private and sensitive domains.

Easy and Simple to Deploy

Easy and Simple to Deploy

CT is automatically included in any certificates issued after October 1, 2017, and it's easy to update older certificates.

TRUST AND VERIFY

Symantec is leading the industry in support of Certificate Transparency.

CT is standard in all our SSL/TLS certificates. It works like this: Certificate Authorities, such as Symantec, log new certificates in publicly accessible, tamper-proof registries. Browsers can use these logs to verify certificates, and IT managers can also use them to spot problems, including improperly issued, out-of-policy and rogue certificates.

Website Security

Check Certificate Transparency for Your Site

Use Symantec CryptoReport to look up your domain in public logs, including Symantec's.

Intrusion and Threat Protection

SSL/TLS Installation Checker

Learn More

Intrusion and Threat Protection

SSL/TLS Installation Checker

Learn More

Authentication

How SSL Works

Learn More

We have updated our Privacy Policy which can be found here.