Certificate Transparency Monitoring
CT Monitoring alerts are triggered not only by Cloudflare processes - including -, but whenever a certificate that covers your monitored domain is issued by a and added to a public CT log. You can learn more about how this works in the .
|All account members||All account members||Specified email addresses||Specified email addresses|
Opt in and out
To stop receiving alerts, disable Certificate Transparency Monitoring or remove your email from the feature card.
Emails to be concerned about
Most certificate alerts are routine. Cloudflare sends alerts whenever a certificate for your domain appears in a log. Certificates expire (and must be reissued), so it is completely normal to receive issuance emails. If your domain is listed in the email, along with reasonable ownership and certificate information, then no action is required.
Additionally, you should check whether the certificate was issued through Cloudflare. To view all Cloudflare-issued certificates and backup certificates - which require no additional actions - visit the in the dashboard.
You should take action when something is clearly wrong, such as if you:
- Do not recognize the certificate issuer.
- Have recently noticed problems with your website.
How to take action
Option 1: Contact certificate authorities
Only Certificate Authorities can revoke malicious certificates. If you believe an illegitimate certificate was issued for your domain, contact the Certificate Authority listed as the Issuer in the email.
Option 2: Contact domain registrars
Domain registrars may be able to suspend potentially malicious domains. If, for example, you notice that a malicious domain was registered through GoDaddy, contact GoDaddy’s support team to see if they can help you. Do the same for other registrars.
Option 3: Improvise
There are other ways to combat malicious certificates. You can warn your visitors with an on-site notification or ask browser makers (Google for Chrome, etc.) to block these domains.
If someone is attempting to impersonate you online, you should absolutely take action. This is usually difficult to recognize, so exercise caution. Remember: the vast majority of certificates are not malicious. Only take action if you believe something is wrong.
HTTP Public Key Pinning
Cloudflare does not offer or support HPKP and advises against using it with Universal SSL.