For reference:

* Certificate # 250k: Jan. 5, 2016 [1]

* Certificate # 500k: Feb. 4, 2016 [2]

* Certificate # 1M: Mar. 8, 2016

Seems they went from 250k certs per month in Jan to 500k certs per month in Feb.

[1] https://twitter.com/letsencrypt/status/684221075966705664

[2] https://twitter.com/letsencrypt/status/695077737380208640

Who is publishing this list of possibly not-published-anywhere-else SSL sites? Having them all in a big easy to download list is not what I expected from LetsEncrypt.

It’s intentional. The general idea is to make it easier to detect fraudulently issued certificates. LetsEncrypt submit all certificates[0] to Certificate Transparency[1] logs.

Chrome won’t actually show the green address bar for EV certs unless a CT proof is provided along with the certificate[2].

[0]https://letsencrypt.org/certificates/

[1]https://www.certificate-transparency.org/faq

[2]https://blog.digicert.com/certificate-transparency-required-...

Certificate transparency makes it much harder to surreptitiously issue a certificate and holds the offending CA responsible in case of unauthorized certificates. If your site is not public, you're better off with your own private CA anyway.

It's the public certificate audit log. It's not an accidental data leak.

For private sites just use your own CA.

Also the server for LetsEncrypt is open source [1] and comes with test scripts to run it during development and testing to avoid premature exposure to the public instance of LetsEncrypt.

[1] https://github.com/letsencrypt/boulder

https://whois.domaintools.com/crt.sh Thought I recognised the favicon, it's Comodo. I don't see the problem, if you want a secret url then self sign and distribute your certificate with other methods.

Is this a Certificate Transparency log ? It does not look "live" though. How often is it refreshed ?

The transparency logs themselves grow in bulk. If I watch one of the main logs with a 30 second refresh, I can go two hours without a single cert, then 2000 or so scroll past at once.

It refreshed a few minutes ago. Perhaps all 15 min?

It jumped from 997,800 to 998,500 to 999,905 within the last 30 minutes. So i guess in in the next hour they will break 1M.

Lucky me, I saw it at 999,905 and then immediately refreshed and it was at 1,000,038. I feel so blessed to have seen it pass 1M. :)

+33 certs by last reload. Edit: 1Million

Why does it look that most of issued certificates are for malware /ads domains? I'm guessing from the weird names.

It could be very well that most domains on the internet are for malware and ads where the cost of the domain itself is just slightly below break even point and LetsEncrypt now allows to serve them over https without extra investment.

Yay to : webdemo.jung.de

You win some internet points.

Its vuweb.smf.telema-stg.whitecloud.jp actually!

I counted the same.

https://crt.sh/?id=14392504

Damn off by 1 errors.

Woo! Just hit the 1,000,038th!

#1,000,000 https://crt.sh/?id=14392504

I think this was the 1,000,000th one: https://crt.sh/?id=14392497 [but I just counted back down 38 from the page list...]

If you include the most recent you have to count down by 39, yours is the 1,000,001st

the site is owned by Comodo, it shows logs for various CA's