SSL/TLS Certificate Monitoring

Creating a new Certificate monitor

To learn how to use REST API to add a new SSL/TLS Certificate monitor: Click here

To create a new monitor, follow the steps given below:

  1. Click on New Monitor link. Choose SSL/TLS Certificate Monitor.
  2. Provide an appropriate Display Name for the monitor.
  3. Enter the Domain name for which the certificate is required to be monitored.
  4. Provide the port in which the server is running. Default port is 443.
  5. Enter the Protocol. Enter the SSL/TLS protocol version supported by the certificate.
  6. Check the Need proxy to connect to the domain box if the server is connected through proxy. In such cases you should also configure proxy server settings through the 'Configure Proxy' option available in the Settings tab.
  7. Disable the Ignore Certificate name mismatch error field if you wish to receive an alert incase of a mismatch in certificate name and domain name. If enabled, the certificate monitoring will take place even if the certificate name and domain name mismatches.
  8. Enable the Ignore invalid root and intermediate certificate checkbox if you wish to ignore invalid/expired root or intermediate certificates while accessing a website. This option is enabled by default.
  9. Enable the Perform trust validation checkbox to perform a trust check on the SSL/TLS certificate.
  10. Enable the Check for blacklisted certificate checkbox to verify if the SSL/TLS domain uses any certificates from blacklisted Certificate Authorities (CAs).
  11. Enter the Timeout value in seconds.
  12. Provide the polling interval in minutes.
  13. If you are adding a new monitor from an Central Server, select a Probe Server.
  14. Choose the Monitor Group from the combo box with which you want to associate the Certificate Monitor (optional). You can choose multiple groups to associate your monitor.
  15. Click Add Monitor(s). This discovers the SSL/TLS Certificate from the server and starts monitoring it.

Monitored Parameters

  • Availability tab gives the availability history for the past 24 hours or 30 days.
  • Performance tab gives the Health Status and events for the past 24 hours or 30 days.
  • List view enables you to perform bulk admin configurations.

Following are the list of metrics that are monitored in SSL/TLS Certificate monitoring:

Resource Details

ParameterDescription
CERTIFICATE CHAIN SUMMARY
Certificate Order Shows the position of the certificate within the certificate chain.
Common Name (CN) Name of the host or domain to which the certificate is issued.
Issued By The name of the certificate authority (CA) that provided the certificate for the domain.
Days to Expire Displays the expiration date of the certificate.
Expiry Status The expiration status of the certificate. (Active, Expiring Soon, or Expired).
CERTIFICATE ORDER: SERVER CERTIFICATE/ CERTIFICATE CHAIN
VALIDITY
Issued On Date at which the certificate was issued.
Expires On Date at which the certificate will expire.
Days to Expire Number of days to expiry.
ISSUED BY
Common Name (CN) Name of the host or domain that issues the certificate.
Organization (O) Name of the organization that issues the certificate.
Organization Unit (OU) Name of the organization unit making the request.
ISSUED TO
Common Name (CN) Name of the host or domain to which the certificate is issued.
Organization (O) Name of the organization to which the certificate is issued.
Organization Unit (OU) Name of the organization unit making the request.
SHA-256 fingerprint The hashed value of the SSL certificate's entire data, including its public key and other details.
Signature Algorithm Displays the signing algorithm used for the certificate.

Cipher Details

ParameterDescription
Vulnerability Status Indicates whether the cipher is secure or weak.
Secure Cryptographic Components The essential security features within the SSL/TLS domain, providing crucial protections for data transmission and integrity.
PROTOCOLS AND CIPHERS
Ciphers The primary column for protocols and ciphers.
Protocol Version The version of the protocol associated with the cipher.
Key size(bits) The key size of the encryption algorithm (in bits).
Cipher Status Indicates whether the cipher is secure or weak.

Thank you for your feedback!

Was this content helpful?

We are sorry. Help us improve this page.

How can we improve this page?
Do you need assistance with this topic?
By clicking "Submit", you agree to processing of personal data according to the Privacy Policy.