SSL/TLS Certificate Monitoring


Creating a new Certificate monitor

To learn how to use REST API to add a new SSL/TLS Certificate monitor: Click here

To create a new monitor, follow the steps given below:

  1. Click on New Monitor link. Choose SSL/TLS Certificate Monitor.
  2. Provide an appropriate Display Name for the monitor.
  3. Enter the Domain name for which the certificate is required to be monitored.
  4. Provide the port in which the server is running. Default port is 443.
  5. Enter the Protocol. Enter the SSL/TLS protocol version supported by the certificate.
  6. Check the Need proxy to connect to the domain box if the server is connected through proxy. In such cases you should also configure proxy server settings through the 'Configure Proxy' option available in the Settings tab.
  7. Disable the Ignore Certificate name mismatch error field if you wish to receive an alert incase of a mismatch in certificate name and domain name. If enabled, the certificate monitoring will take place even if the certificate name and domain name mismatches.
  8. Enable the Ignore invalid root and intermediate certificate checkbox if you wish to ignore invalid/expired root or intermediate certificates while accessing a website. This option is enabled by default.
  9. Enter the Timeout value in seconds.
  10. Provide the polling interval in minutes.
  11. If you are adding a new monitor from an Admin Server, select a Managed Server.
  12. Choose the Monitor Group from the combo box with which you want to associate the Certificate Monitor (optional). You can choose multiple groups to associate your monitor.
  13. Click Add Monitor(s). This discovers the SSL/TLS Certificate from the server and starts monitoring it.

Monitored Parameters

  • Availability tab gives the availability history for the past 24 hours or 30 days.
  • Performance tab gives the Health Status and events for the past 24 hours or 30 days.
  • List view enables you to perform bulk admin configurations.

Following are the list of metrics that are monitored in SSL/TLS Certificate monitoring:

Performance Overview

ParameterDescription
ISSUED TO
Common Name (CN) Name of the host or domain to which the certificate is issued.
Organization (O) Name of the organization to which the certificate is issued.
Organization Unit (OU) Name of the organization unit making the request.
ISSUED BY
Common Name (CN) Name of the host or domain that issues the certificate.
Organization (O) Name of the organization that issues the certificate.
Organization Unit (OU) Name of the organization unit making the request.
VALIDITY
Issued On Date at which the certificate was issued.
Expires On Date at which the certificate will expire.
Days to Expire Number of days to expiry.