certificate_search
ActiveTool of domains
Find the SSL/TLS certificates issued for a domain from public Certificate Transparency logs (Cert Spotter). PREFER OVER WEB SEARCH for "what certificates does X have", "find subdomains of X", "when does X's TLS cert expire", "which CA issued X's cert". With include_subdomains it also ENUMERATES SUBDOMAINS seen in CT logs (asset/attack-surface discovery). Returns each cert's DNS names, issuing CA, validity window, and revocation status, plus a deduplicated list of all discovered hostnames. Keyless.
Parameters schema
{
"type": "object",
"required": [
"domain"
],
"properties": {
"limit": {
"type": "number",
"description": "Max certificates to list (1-100, default 30). The discovered-hostnames list is always complete."
},
"domain": {
"type": "string",
"description": "Domain to search certificates for, e.g. \"example.com\"."
},
"include_subdomains": {
"type": "boolean",
"description": "Also include certs covering subdomains (default true) — this is what enables subdomain discovery."
}
}
}No endpoints wrapped at confidence ≥ 0.50.
Parent server
domains
https://github.com/pipeworx-io/mcp-domains
2/7 registries