Loading controls...
Control: Certificates should be visible in Certificate Transparency (CT) logs
Description
Certificate Transparency (CT) is an internet security standard for monitoring and auditing digital certificates. If a certificate authority issues an SSL certificate without adding it to the logs this can trigger certain browser errors. It is recommended that whenever issuing any certificate, add it to one or more public certificate transparency logs.
Usage
Run the control in your terminal:
steampipe check net_insights.control.ssl_certificate_transparent
Snapshot and share results via Steampipe Cloud:
steampipe loginsteampipe check --share net_insights.control.ssl_certificate_transparent
Plugins & Tables
Params
Args | Name | Default | Description | Variable |
---|---|---|---|---|
$1 | domain_names |
| DNS domain names. |
SQL
select common_name as resource, case when transparent then 'ok' else 'alarm' end as status, case when transparent then common_name || ' certificate is visible.' else common_name || ' certificate is not visible.' end as reasonfrom net_certificatewhere domain in ( select jsonb_array_elements_text(to_jsonb($1 :: text [ ])) )order by common_name;