Known Logs

The list of CT Logs that are currently compliant with Chrome's CT policy (or have been and were disqualified), and are included in Chrome:
log_list.json is signed by Google, the signature being hosted at:

log_list.json and the corresponding log_list.sig can also be obtained by downloading the zip file containing both of them, found at:

The public key to verify log_list.sig can be found at:
The list of all known and announced CT Logs:
Both log_list.json and all_logs_list.json conform with the following schema:

To check whether Logs are currently pending inclusion in Chrome, check the Chromium inclusion bugs:

Special Purpose Logs

Base64 Log ID: HQJLjrFJizRN/YfqPvwJlvdQbyNdHUlwYaR3PEOcJfs=
Operator: Google

This log is not trusted by Chrome. It only logs certificates that have expired. See the announcement post.

Base64 Log ID: qJnYeAySkKr0YvMYgMz71SRR6XDQ+/WR73Ww2ZtkVoE=
Operator: Google

This log is not trusted by Chrome. It only logs certificates that chain to roots that are on track for inclusion in browser roots or were trusted at some previous point. See the announcement blog post.

Test Logs

These logs are intended for testing purposes only and will only log certificates that chain to a test root explicitly added to it.
To add a test root to Testtube, please email

A test root for Testtube should:
  • have a certificate "Subject" field that:
    • includes the word "test", "dev", "demo" or "staging" (to reduce the chance of real certificates being mixed up with test certificates).
    • identifies the organization that the test root is for (to allow easy classification of test traffic).
  • not allow real certificates to chain to it, either because:
    • it is a self-signed root CA certificate identified as a test certificate (as above).
    • it is an intermediate CA certificate that chains to a root certificate that is also identified as a test certificate.
  • be a CA certificate, by:
    • having CA:TRUE in the Basic Constraints extension.
    • include the 'Certificate Sign' bit in the Key Usage extension.
  • be in PEM format (with a .cer or .pem extension).
For historical reasons Google's test logs include some test roots that do not comply with all of the above requirements.

Base64 Log ID: w78Dp+HKiEHGB7rj/0Jw/KXsRbGG675OLPP8d4Yw9fY= 
Operator: Google 

Base64 Log ID: UutLIl7IlpdIUGdfI+Q7wdAh4yFM5S7NX6h8IDzfygM=
Expiry range: Jan 01 2018 00:00:00Z inclusive to Jan 01 2019 00:00:00Z exclusive

Base64 Log ID: C3YOmouaaC+ImFsV6UdQGlZEa7qIMHhcOEKZQ4ZFDAA=
Expiry range: Jan 01 2019 00:00:00Z inclusive to Jan 01 2020 00:00:00Z exclusive

Base64 Log ID: H8cs5aG3mfQAw1m/+WyjkTVI6GRCIGEJUum6F3T3usc=
Expiry range: Jan 01 2020 00:00:00Z inclusive to Jan 01 2021 00:00:00Z exclusive

Base64 Log ID: o8mYRegKt84AFXs3Qt8CB90nKytgLs+Y7iwS25xa5+c=
Expiry range: Jan 01 2021 00:00:00Z inclusive to Jan 01 2022 00:00:00Z exclusive

Base64 Log ID: aXqvyhprU2+uISBQRt661+Dq6hPSQy5unY+zefK5qvM=
Expiry range: Jan 01 2022 00:00:00Z inclusive to Jan 01 2023 00:00:00Z exclusive
Operator: Google 

Base64 Log ID: sMyD5aX5fWuvfAnMKEkEhyrH6IsTLGNQt8b9JuFsbHc= 
Operator: Google