crt.sh – certificate search and monitoring:
– Tool to search for certificates and their details (e.g., CA, serial number, hash values).
– Allows you to monitor issuing of new certificates via RSS/Atom (example: https://crt.sh/atom?q=infosec-handbook.eu).
If your web browser loads a website with a certificate, the cert is checked locally in your web browser. Either your browser or your operating system store root certs of CAs that allow them to check this. There is no traffic between clients and CAs.
However, a web server offering OCSP without any extension leaks your IP address to the CA. We use OCSP stapling, so there is no leak. The traffic is solely between your clients and our web server.
mastodon.at is a microblogging site that federates with most instances on the Fediverse.