Want notifications when a cert is issued for my domain (intended or not)
Certificate Transparency is a public log where every issued cert appears. With a free monitor (crt.sh, Cert Spotter, Sectigo) you get alerts when an unknown party or forgotten dev environment pulls a cert for your domain.
Try this first
- 1Sign up for Cert Spotter (sslmate.com/certspotter) or similar CT monitor with your apex domain.
- 2Also add *.vectel.nl and related domains, otherwise you miss certs for subdomains issued by a vendor.
- 3When an alert hits: compare with your own register. Known = fine, unknown = investigate with IT/marketing/dev.
- 4Combine with a CAA record that allows only your approved CAs, that filters accidental issuance at the source.
- 5Document which CAs you use (Let's Encrypt, ZeroSSL, paid EV) and review the CAA record every six months.
When to bring us in
If you keep getting mystery certs for your domain and do not know who pulls them, we can trace the origin and tighten CAA.
See also
- Domain expires tomorrow and nobody saw the emailAn expired domain doesn't transfer instantly. There's a redemption window, but you pay extra.
- Unsure whether to enable auto-renewDisabling auto-renew only makes sense for domains you'll truly drop. For anything live, just keep it on.
- New registrar asks for auth code, can't find itEPP code or transfer code is the password to move a domain from registrar A to B.
None of the above fits?
Describe your situation below. We pass your input plus the steps you already saw to our AI and return tailored next-step advice. If it's too risky to DIY, we'll say so.
Or skip the DIY entirely
Our Managed IT clients do not look these things up. One point of contact, a fixed monthly price, resolved within working hours.