Sorry for the dumb question. Is there a way to know valid subdomains from a domain?

@fedilab There is another way:
If the subdomain uses HTTPS and a certificate from Let's Encrypt (or another lage CA) then that fact will be logged in the Certificate Authority Log which is public and there are some tools online to search it for all certificates on one domain (and it's subdomains)

now it gets interesting. you think you can query letsencrypt or other ca's like show me *.domain.tld certs? i would live to know where.

interesting. one never stops to learn. this is a massiv security risk, exploiting all hostnames to the public. need to check if this works for all cert issuers, or letsencrypt only. very bad.


@kmj @fedilab
Indeed surprisingly few people know about this even though one should be aware that therefore subdomains are never completly hidden.

But actually this is quite the security feature as this means that if a CA tries to issue a cert for your domain, you have a chance to notice this in the log once all CAs support it and all browsers require it. I think Chrome does already, Firefox doesn't

· · Web · 1 · 0 · 0

i never assumed privacy of subdomains, but seeing that letsencrypt sends data to some externaldatabase i think about deleting letsencrypt. we need some european cert authority.

Melde dich an, um an der Konversation teilzuhaben
Mastodon (

Mastodon ist ein soziales Netzwerk. Es basiert auf offenen Web-Protokollen und freier, quelloffener Software. Es ist dezentral (so wie E-Mail!).