HTTPS and TLS/SSL Monitoring Explained

Are your website visitors getting this message?

You probably don’t visit your own website all the time. And if you are an agency or a developer, you certainly don’t visit all the websites you are responsible for. So you might not have noticed that visitors are receiving a scary warning message telling them that your website is not secure.

Chrome expired certificate warning

The culprit: HTTP without the S

You are probably familiar with the http:// in front of a website URL. It stands for HyperText Transfer Protocol. HTTP is what your browser and web servers use to communicate and exchange information. When the exchange of data is sufficiently protected, we call it HTTPS. The 'S' stands for Secure. In other words: an HTTP protocol without the S is missing the encryption layer.

HTTP illustration

What does TLS/SSL certificate mean?

So, to protect your connection, you need an SSL certificate. SSL is short for Secure Sockets Layer. It adds an additional layer of security. This way, when someone visits your website, the connection between their browser and your server is encrypted. It protects you and your visitor against criminals who might try to access possible sensitive information being exchanged.

HTTPS illustration

What is the difference between TLS and SSL?

Nothing, basically. SSL was renamed to TLS (Transport Layer Security) in 1999. Since then, both terms are used interchangeably, so most people use both to make sure that they are being understood. Hence, TLS/SSL.

Do I need a TLS/SSL certificate?

Yes. Without this encryption, your information is exposed to attackers listening in on the network. If you fail to provide this additional layer of encryption, browsers like Google Chrome, Microsoft Edge or Safari will respond by showing the security message mentioned earlier.

How do I get a TLS/SSL certificate?

Your SSL certificate is usually handled by your hosting partner or web developer. If you are a web developer yourself, you can take care of this by submitting a Certificate Signing Request (CSR) to a certificate authority like Let’s Encrypt. You do have to renew this certificate frequently. Sometimes you can opt for automatic renewal.

How do I know if my website already has a TLS/SSL certificate?

One way to do it is by clicking the padlock icon in the address bar of your website. It will tell you if the connection is secure or not. But of course, that is something you don’t want to be doing every day. And a TLS/SSL certificate has an expiration date, so it can fail after a while. That is why SSL certificate monitoring is so useful: it does the checking for you on a regular basis.

Chrome with a valid certificate

Why TLS/SSL monitoring is so useful

TLS/SSL monitoring allows you to keep an eye on multiple websites and their certificates at the same time. It tells you:

If you forget to renew it.
If your automatic renewal didn’t go through.
If something is wrong with the certificate (and what).
If the expiry date is approaching.
Whether the certificate chain is valid.

How to monitor your certificate with Semonto

At Semonto, we have a feature that automatically checks the TLS/SSL certificate. This is enabled automatically for each website you are monitoring, and it is available for all plans. We have recently made some improvements to this feature, so feel free to play around and give us your feedback. Have a look at our how-to pages to find out how it works. We will walk you through it in simple steps.

Get started for free

If you don’t have a Semonto account yet - don’t worry. You can try all of Semonto’s features for free for two weeks. You don’t need to enter any credit card details, and you can cancel at any time. So, why not give it a try? And if you have any questions, we are here for you. Create your free trial here.