SSL Certificate Monitoring
Monitor SSL certificate expiration and validity. Get alerts before your certificate expires to avoid security warnings and downtime.
Why Monitor SSL Certificates?
Expired certificates cause real problems.
When your SSL certificate expires, browsers show scary security warnings that drive visitors away. Even worse, some browsers completely block access to sites with expired certificates.
Lost Trust
Security warnings make visitors think your site is unsafe or compromised.
Blocked Access
Modern browsers may completely block access to sites with invalid certificates.
Downtime
Certificate issues often happen at the worst time — weekends, holidays, or during high traffic.
What We Check
Comprehensive SSL certificate analysis.
| Check | Description |
|---|---|
| Expiration Date | Days until certificate expires, with alerts at configurable thresholds |
| Validity | Certificate is valid and not yet expired or revoked |
| Certificate Chain | Complete chain from your certificate to a trusted root CA |
| Domain Match | Certificate's common name or SAN matches your domain |
| Key Strength | RSA key size and signature algorithm security |
Certificate Details
Information we collect about your certificate.
Issuer Information
- Certificate Authority name
- Organization
- Country
Subject Information
- Common Name (CN)
- Subject Alternative Names (SANs)
- Organization
Validity Period
- Not Before (start date)
- Not After (expiration date)
- Days until expiry
Technical Details
- Signature algorithm (e.g., SHA256withRSA)
- Public key algorithm (RSA, ECDSA)
- Key strength (bits)
Setting Up SSL Monitoring
Add New Monitor
Go to your Dashboard and click "New" button.
Enter Your Domain
Enter the URL of your website (e.g., https://example.com).
We'll automatically detect and monitor the SSL certificate.
Select SSL Certificate Type
Choose "SSL Certificate" as the check type.
Configure Alert Days
Set when you want to be notified before expiration:
- Free plan: 7 days before expiry
- Paid plans: Custom days (e.g., 30, 14, 7, 1 days)
Check Frequency
Once Every 24 Hours
SSL certificates are checked once per day
Since SSL certificates typically don't change frequently, checking once per day provides adequate coverage while keeping resource usage efficient. You'll get alerts well before expiration.
Alert Thresholds
When you'll be notified about expiring certificates.
| Plan | Alert Days |
|---|---|
| Echo (Free) | 7 days before expiry |
| Pulse / Wave | Customizable (e.g., 30, 14, 7, 1 days) |
Need Earlier Warnings?
Common SSL Issues
Problems we help you catch before they affect users.
Certificate Expired
The certificate's validity period has ended. Browsers will show security warnings or block access entirely. Renew your certificate immediately.
Certificate Not Trusted
The certificate was issued by an untrusted Certificate Authority, or the chain is incomplete. This often happens with self-signed certificates or missing intermediate certificates.
Hostname Mismatch
The certificate's Common Name (CN) or Subject Alternative Names (SANs) don't match your domain. Make sure you have a certificate that covers all your domains and subdomains.
Weak Key or Algorithm
Older certificates may use weak encryption (e.g., SHA-1, small RSA keys). Modern best practices recommend SHA-256 and RSA 2048-bit or higher.
Using Let's Encrypt?
Auto-renewal can fail silently
- DNS configuration changes
- Web server misconfigurations
- Firewall blocking validation requests
- Rate limits exceeded
SSL monitoring catches these failures before they affect your users.
Best Practices
Set Multiple Alert Days
Configure alerts at 30, 14, and 7 days to give yourself time to act.
Monitor All Domains
Add monitors for all your domains, including staging and internal services.
Use Strong Encryption
Ensure your certificates use SHA-256 and RSA 2048-bit or ECDSA P-256 minimum.
Complete Certificate Chain
Always install intermediate certificates — missing chains cause trust errors.