How to monitor your TLS/SSL certificates

What is a TLS/SSL certificate?

Through the HTTPS protocol, your website uses a TLS/SSL certificate to prove that the connection between your web server and your web browser is secured by the required encryption.

Why monitor your TLS/SSL certificates?

Just like any certificate, an SSL certificate has an expiration date. HTTPS Monitoring helps you remember these important renewal dates. Semonto warns you well in advance when your TLS/SSL certificate is about to expire so that you can get your certificate renewed before it becomes a problem.

What TLS/SSL certificate monitoring tells you:

• If you forget to renew your certificate.
• If your automatic renewal didn’t go through.
• Whether the correct certificate was used.
• If something is wrong with the security chain (and what).
• If the expiry date is approaching.

How to monitor your certificates with Semonto

Semonto automatically checks the TLS/SSL certificate for every website you monitor. This feature is available for all plans.

Step 1: get started

First, you need to tell Semonto which website you want to check. Log into Semonto and click ‘add a website’. Enter the URL. (Don’t forget to add https://) Click “Create monitor”. Semonto will start monitoring your website.

Step 2: get notified

Semonto will check the certificate approximately every hour. Whenever there is a change in status, you will get notified. This can be any of the following:

• Your certificate is about to expire.
• Your certificate has expired.
• Your certificate could not be validated (error).
• Your certificate was successfully validated.

We will inform you by e-mail or by any other notification method you select in the Notifications menu.

Step 3: get informed

Everything you need to know about your TLS/SSL certificate is available in the detailed view of your monitor:

• The current status
• The details of your certificate
• The expiration date

You will also get:

• the possibility to perform a quick retest after you have renewed your certificate
• the option to disable TLS/SSL monitoring

Step 4: get confident

And now for the easy part: you can forget about TLS/SSL entirely because Semonto will take it from here. You can rest assured that if there is anything that requires your attention, Semonto will let you know.

Get notified of all SSL certificate changes

Would you like to receive an alert when a change in an SSL certificate is detected, not just when an issue is found or resolved?

This can be useful if:

• You want confirmation that your certificate was renewed and successfully validated, even if it happens within the expected timeframe.
• You want to stay in the loop of any changes to an SSL certificate: an upgrade, change in the certificate authority, or certificates that have been reissued with updated information so that you can check whether the change was correct and intentional.

Don’t activate this if:

• You have an SSL certificate that changes constantly. In that case, the updates will flood your inbox if you enable these alerts. In your case, it is better to stick to traditional SSL monitoring.

How to enable the monitoring of SSL certificate changes

• Log into Semonto.
• Go to Monitoring.
• Select SSL Certificates.
• Click on the website of your choice.
• Go to TLS/SSL Certificate - Settings
• Switch on “Also notify for certificate updates.”

Any questions? Get in touch, and we will help you on your way!