{"id":25,"date":"2025-08-06T00:00:00","date_gmt":"2025-08-06T00:00:00","guid":{"rendered":"https:\/\/wordpress.securinsight.ca\/index.php\/2025\/08\/06\/radar-certificate-transparency-insights-in-cloudflare-radar\/"},"modified":"2025-08-06T00:00:00","modified_gmt":"2025-08-06T00:00:00","slug":"radar-certificate-transparency-insights-in-cloudflare-radar","status":"publish","type":"post","link":"https:\/\/wordpress.securinsight.ca\/index.php\/2025\/08\/06\/radar-certificate-transparency-insights-in-cloudflare-radar\/","title":{"rendered":"Radar &#8211; Certificate Transparency Insights in Cloudflare Radar"},"content":{"rendered":"<p><a href=\"https:\/\/developers.cloudflare.com\/radar\/\"><strong>Radar<\/strong><\/a> now introduces Certificate Transparency (CT) insights, providing visibility into certificate issuance trends based on Certificate Transparency logs currently monitored by Cloudflare.<\/p>\n<p>The following API endpoints are now available:<\/p>\n<ul>\n<li><a href=\"https:\/\/developers.cloudflare.com\/api\/resources\/radar\/subresources\/ct\/methods\/timeseries\/\"><code>\/ct\/timeseries<\/code><\/a>: Retrieves certificate issuance time series.<\/li>\n<li><a href=\"https:\/\/developers.cloudflare.com\/api\/resources\/radar\/subresources\/ct\/methods\/summary\/\"><code>\/ct\/summary\/{dimension}<\/code><\/a>: Retrieves certificate distribution by dimension.<\/li>\n<li><a href=\"https:\/\/developers.cloudflare.com\/api\/resources\/radar\/subresources\/ct\/methods\/timeseries_groups\/\"><code>\/ct\/timeseries_groups\/{dimension}<\/code><\/a>: Retrieves time series of certificate distribution by dimension.<\/li>\n<li><a href=\"https:\/\/developers.cloudflare.com\/api\/resources\/radar\/subresources\/ct\/subresources\/authorities\/methods\/list\/\"><code>\/ct\/authorities<\/code><\/a>: Lists certification authorities.<\/li>\n<li><a href=\"https:\/\/developers.cloudflare.com\/api\/resources\/radar\/subresources\/ct\/subresources\/authorities\/methods\/get\/\"><code>\/ct\/authorities\/{ca_slug}<\/code><\/a>: Retrieves details about a Certification Authority (CA). CA information is derived from the <a href=\"https:\/\/www.ccadb.org\/\" target=\"_blank\">Common CA Database (CCADB)<\/a>.<\/li>\n<li><a href=\"https:\/\/developers.cloudflare.com\/api\/resources\/radar\/subresources\/ct\/subresources\/logs\/methods\/list\/\"><code>\/ct\/logs<\/code><\/a>: Lists CT logs.<\/li>\n<li><a href=\"https:\/\/developers.cloudflare.com\/api\/resources\/radar\/subresources\/ct\/subresources\/logs\/methods\/get\/\"><code>\/ct\/logs\/{log_slug}<\/code><\/a>: Retrieves details about a CT log. CT log information is derived from the <a href=\"https:\/\/googlechrome.github.io\/CertificateTransparency\/log_lists.html\" target=\"_blank\">Google Chrome log list<\/a>.<\/li>\n<\/ul>\n<p>For the <code>summary<\/code> and <code>timeseries_groups<\/code> endpoints, the following dimensions are available (and also usable as filters):<\/p>\n<ul>\n<li><code>ca<\/code>: Certification Authority (certificate issuer)<\/li>\n<li><code>ca_owner<\/code>: Certification Authority Owner<\/li>\n<li><code>duration<\/code>: Certificate validity duration (between NotBefore and NotAfter dates)<\/li>\n<li><code>entry_type<\/code>: Entry type (certificate vs. pre-certificate)<\/li>\n<li><code>expiration_status<\/code>: Expiration status (valid vs. expired)<\/li>\n<li><code>has_ips<\/code>: Presence of IP addresses in certificate <a href=\"https:\/\/developers.cloudflare.com\/ssl\/origin-configuration\/origin-ca\/#hostname-and-wildcard-coverage\" target=\"_blank\">Subject Alternative Names (SANs)<\/a><\/li>\n<li><code>has_wildcards<\/code>: Presence of wildcard DNS names in certificate SANs<\/li>\n<li><code>log<\/code>: CT log name<\/li>\n<li><code>log_api<\/code>: CT log API (<a href=\"https:\/\/datatracker.ietf.org\/doc\/html\/rfc6962\" target=\"_blank\">RFC6962<\/a> vs. <a href=\"https:\/\/c2sp.org\/static-ct-api\" target=\"_blank\">Static<\/a>)<\/li>\n<li><code>log_operator<\/code>: CT log operator<\/li>\n<li><code>public_key_algorithm<\/code>: Public key algorithm of certificate&#8217;s key<\/li>\n<li><code>signature_algorithm<\/code>: Signature algorithm used by CA to sign certificate<\/li>\n<li><code>tld<\/code>: Top-level domain for DNS names found in certificates SANs<\/li>\n<li><code>validation_level<\/code>: <a href=\"https:\/\/www.cloudflare.com\/learning\/ssl\/types-of-ssl-certificates\/\" target=\"_blank\">Validation level<\/a><\/li>\n<\/ul>\n<p>Check out the new Certificate Transparency insights in the <a href=\"https:\/\/radar.cloudflare.com\/certificate-transparency\" target=\"_blank\">new Radar page<\/a>.<\/p>","protected":false},"excerpt":{"rendered":"<p>Radar now introduces Certificate Transparency (CT) insights, providing visibility into certificate issuance trends based on Certificate Transparency logs currently monitored by Cloudflare. The following API endpoints are now available: \/ct\/timeseries: Retrieves certificate issuance time series. \/ct\/summary\/{dimension}: Retrieves certificate distribution by dimension. \/ct\/timeseries_groups\/{dimension}: Retrieves time series of certificate distribution by dimension. \/ct\/authorities: Lists certification authorities. \/ct\/authorities\/{ca_slug}: [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-25","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/wordpress.securinsight.ca\/index.php\/wp-json\/wp\/v2\/posts\/25","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/wordpress.securinsight.ca\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/wordpress.securinsight.ca\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/wordpress.securinsight.ca\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/wordpress.securinsight.ca\/index.php\/wp-json\/wp\/v2\/comments?post=25"}],"version-history":[{"count":0,"href":"https:\/\/wordpress.securinsight.ca\/index.php\/wp-json\/wp\/v2\/posts\/25\/revisions"}],"wp:attachment":[{"href":"https:\/\/wordpress.securinsight.ca\/index.php\/wp-json\/wp\/v2\/media?parent=25"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/wordpress.securinsight.ca\/index.php\/wp-json\/wp\/v2\/categories?post=25"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/wordpress.securinsight.ca\/index.php\/wp-json\/wp\/v2\/tags?post=25"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}