Schedule demo
Home

AWS Certificate Manager Monitoring

AWS Certificate Manager (ACM) - Overview

AWS Certificate Manager (ACM) is a fully managed service that lets you provision, manage, and deploy public and private SSL/TLS certificates for use with AWS services and internal connected resources. ACM eliminates the time-consuming manual process of purchasing, uploading, and renewing SSL/TLS certificates, helping you secure your websites and applications with minimal overhead.

Monitoring AWS Certificate Manager is essential for maintaining secure, uninterrupted communication across your infrastructure. Applications Manager's AWS Certificate Manager monitoring tool provides real-time tracking of key parameters such as certificate status, expiry timelines, renewal eligibility, and domain validation status. With proactive alerts on approaching expirations, failed validations, and revocation events, the tool helps prevent service disruptions caused by expired or misconfigured certificates.

Creating a new AWS Certificate Manager monitor

To learn how to create a new AWS Certificate Manager monitor, refer here.

Monitored Parameters

Go to the Monitors Category View by clicking the Monitors tab. Click on the Certificate Manager (ACM) instance available under Amazon in the Cloud Apps section. Displayed below is the AWS Certificate Manager bulk configuration view distributed into three tabs:

  • Availability tab gives the availability history for the past 24 hours or 30 days.
  • Performance tab gives the health status and events for the past 24 hours or 30 days.
  • List view tab enables you to perform bulk admin configurations.

By clicking a monitor from the list, you'll be taken to the AWS Certificate Manager dashboard which includes the following tabs:

Performance Overview

ParameterDescription
CERTIFICATE INFORMATION
Certificate StatusThe status of the ACM certificate. Possible values: PENDING_VALIDATION, ISSUED, INACTIVE, EXPIRED, VALIDATION_TIMED_OUT, REVOKED, FAILED.
Certificate UsageIndicates if the certificate is currently attached to any AWS resources.
Renewal EligibilityIndicates if the certificate is eligible for renewal. Possible values: ELIGIBLE, INELIGIBLE.
Renewal StatusThe status of the certificate renewal process. Possible values: PENDING_AUTO_RENEWAL, PENDING_VALIDATION, SUCCESS, FAILED.
Renewal Status ReasonIndicates the reason for the unsuccessful renewal requests.
Failure ReasonThe reason for the certificate request failure (if applicable).
Revocation ReasonSpecifies the reason the certificate was revoked.
CERTIFICATE AGE
Certificate AgeThe number of days since the certificate was created at the time of polling (in days).
DAYS UNTIL EXPIRY
Days Until ExpiryThe number of days remaining until this certificate expiration at the time of polling (in days).
SERVER CERTIFICATE
Server Certificate Issue DateThe date when the server certificate was issued.
Server Certificate Expiry DateThe date when the server certificate expires.
Server Certificate Days Left for ExpiryThe number of days remaining until the server certificate expires (in days).
Server Certificate Issued To (CN)The Common Name (CN) of the entity to whom the server certificate was issued.
Server Certificate Issued To (O)The Organization (O) of the entity to whom the server certificate was issued.
Server Certificate Issued To (OU)The Organizational Unit (OU) of the entity to whom the server certificate was issued.
Server Certificate Issued By (CN)The Common Name (CN) of the Certificate Authority that issued the server certificate.
Server Certificate Issued By (O)The Organization (O) of the Certificate Authority that issued the server certificate.
Server Certificate Issued By (OU)The Organizational Unit (OU) of the Certificate Authority that issued the server certificate.
Server Certificate SHA256 FingerprintThe SHA256 fingerprint of the server certificate, used for certificate verification and identification.
CERTIFICATE CHAIN #1
Certificate Chain 1 Issue DateThe date when the first certificate in the certificate chain was issued.
Certificate Chain 1 Expiry DateThe date when the first certificate in the certificate chain expires.
Certificate Chain 1 Days Left for ExpiryThe number of days remaining until the first certificate in the certificate chain expires (in days).
Certificate Chain 1 Issued To (CN)The Common Name (CN) of the entity to whom the first certificate in the chain was issued.
Certificate Chain 1 Issued To (O)The Organization (O) of the entity to whom the first certificate in the chain was issued.
Certificate Chain 1 Issued To (OU)The Organizational Unit (OU) of the entity to whom the first certificate in the chain was issued.
Certificate Chain 1 Issued By (CN)The Common Name (CN) of the Certificate Authority that issued the first certificate in the chain.
Certificate Chain 1 Issued By (O)The Organization (O) of the Certificate Authority that issued the first certificate in the chain.
Certificate Chain 1 Issued By (OU)The Organizational Unit (OU) of the Certificate Authority that issued the first certificate in the chain.
Certificate Chain 1 SHA256 FingerprintThe SHA256 fingerprint of the first certificate in the certificate chain, used for certificate verification and identification.

Configuration

ParameterDescription
CONFIGURATION
Domain NameThe fully qualified domain name (FQDN) for the certificate.
Certificate TypeThe type of certificate. Possible values: IMPORTED, AMAZON_ISSUED, PRIVATE.
Key AlgorithmThe algorithm used to generate the key pair for the certificate.
Signature AlgorithmThe algorithm used to sign the certificate.
Serial NumberThe serial number of the certificate.
Certificate IssuerThe name of the certificate authority that issued and signed the certificate.
Subject Alternative NamesThe list of additional domain names covered by the certificate.
CERTIFICATE DATES
Creation TimeThe date and time when the certificate was created.
Certificate Issued TimeThe date and time when the certificate was issued.
Certificate Imported TimeThe date and time the certificate was imported.
Certificate Validity Start TimeThe date and time before which the certificate is not valid.
Certificate Validity End TimeThe date and time after which the certificate is not valid.
Revocation TimeThe date and time the certificate was revoked.
DOMAIN VALIDATION DETAILS
Validation DomainThe domain name for which the certificate validation is being performed.
Validation MethodThe method used to validate domain ownership.
Validation StatusThe current status of the domain validation process.

Loved by customers all over the world

"Standout Tool With Extensive Monitoring Capabilities"

It allows us to track crucial metrics such as response times, resource utilization, error rates, and transaction performance. The real-time monitoring alerts promptly notify us of any issues or anomalies, enabling us to take immediate action.

Reviewer Role: Research and Development

carlos-rivero
"I like Applications Manager because it helps us to detect issues present in our servers and SQL databases."
Carlos Rivero

Tech Support Manager, Lexmark

Trusted by thousands of leading businesses globally