Hey HN, I built this after years of dealing with SSL certificate surprises – expired certs on subdomains nobody knew existed, shadow IT spinning up certs, the usual 3am outages.

CertRadar has four free tools (no signup, no premium tier):

- CT Log Search – find every certificate ever issued for a domain via Certificate Transparency logs. Great for discovering forgotten subdomains.

- SSL Analyzer – cert chain, TLS versions, HSTS, expiration. Faster than SSL Labs.

- DNS + SSL Check – DNS records and SSL health in one view.

- Security Headers – HSTS, CSP, X-Frame-Options analysis with recommendations.

Built with Rust on GCP Cloud Run. Happy to talk about the architecture or any feedback on what would make these more useful.

This is really cool. I've gone down the rabbit hole of Certificate Transparency to find out how crt.sh gets its information - first time I've even heard that it exists. Also, much better UI than crt.sh. I've tried to go over the information there, but it looks really cumbersome.

Feature ideas:

Log Whois and now RDAP JSON

Log DNS zones

Find typo squatting