Schedule demo
Home

Setting up SSL/TLS Certificate Monitor with Applications Manager

Creating a new SSL/TLS Certificate monitor

Prerequisites for monitoring SSL/TLS Certificate metrics: Click here

To learn how to use REST API to add a new SSL/TLS Certificate monitor: Click here

To create a new monitor, follow the steps given below:

  1. Click on New Monitor link. Choose SSL/TLS Certificate Monitor.
  2. Provide an appropriate Display Name for the monitor.
  3. Enter the Domain name for which the certificate is required to be monitored.
  4. Provide the port in which the server is running. Default port is 443.
  5. Select the SSL/TLS Protocol version used by the certificate while connecting to the domain (SSLv3, TLSv1, TLSv1.1, TLSv1.2, TLSv1.3). When Auto is selected (default), the system attempts to connect using all supported protocol versions.
  6. Check the Need proxy to connect to the domain box if the server is connected through proxy. In such cases you should also configure proxy server settings through the Configure Proxy option available in the Settings tab → Product Settings → Proxy Server Settings.
  7. Disable the Ignore Certificate name mismatch error field if you wish to receive an alert incase of a mismatch in certificate name and domain name. If enabled, the certificate monitoring will take place even if the certificate name and domain name mismatches.
  8. Enable the Ignore invalid root and intermediate certificate checkbox if you wish to ignore invalid/expired root or intermediate certificates while accessing a website. This option is enabled by default.
  9. Enable the Perform trust validation checkbox to perform a trust check on the SSL/TLS certificate.
  10. Enable the Check for blacklisted certificate checkbox to verify if the SSL/TLS domain uses any certificates from blacklisted Certificate Authorities (CAs).
  11. Enable the Ignore self-signed certificate check checkbox to bypass the self-signed certificate verification during the trust validation process.
  12. Enter the Timeout value in seconds.
  13. Provide the polling interval in minutes.
  14. If you are adding a new monitor from an Central Server, select a Probe Server.
  15. Choose the Monitor Group from the combo box with which you want to associate the Certificate Monitor (optional). You can choose multiple groups to associate your monitor.
  16. Click Add Monitor(s). This discovers the SSL/TLS Certificate from the server and starts monitoring it.

Monitored Parameters

  • Availability tab gives the availability history for the past 24 hours or 30 days.
  • Performance tab gives the Health Status and events for the past 24 hours or 30 days.
  • List view enables you to perform bulk admin configurations.

Following are the list of metrics that are monitored in SSL/TLS Certificate monitoring:

Resource Details

ParameterDescription
CERTIFICATE CHAIN SUMMARY
Certificate OrderShows the position of the certificate within the certificate chain.
Common Name (CN)Name of the host or domain to which the certificate is issued.
Issued ByThe name of the certificate authority (CA) that provided the certificate for the domain.
Days to ExpireDisplays the expiration date of the certificate.
Expiry StatusThe expiration status of the certificate. (Active, Expiring Soon, or Expired).
CERTIFICATE ORDER: SERVER CERTIFICATE/ CERTIFICATE CHAIN
VALIDITY
Issued OnDate at which the certificate was issued.
Expires OnDate at which the certificate will expire.
Days to ExpireNumber of days to expiry.
ISSUED BY
Common Name (CN)Name of the host or domain that issues the certificate.
Organization (O)Name of the organization that issues the certificate.
Organization Unit (OU)Name of the department or division within the Certificate Authority (CA) responsible for issuing the certificate.
ISSUED TO
Common Name (CN)Name of the host or domain to which the certificate is issued.
Subject Alternative Name (SAN)Additional domain names or IP addresses that the certificate covers, beyond the primary Common Name (CN).
Organization (O)Name of the organization to which the certificate is issued.
Organization Unit (OU)Name of the organization unit making the request.
SHA-256 fingerprintThe hashed value of the SSL certificate's entire data, including its public key and other details.
Signature AlgorithmDisplays the signing algorithm used for the certificate.

Cipher Details

ParameterDescription
GradeIndicates an overall assessment of the security strength based on the evaluation of all ciphers used in a domain's SSL/TLS configuration. Learn more
Trust ChecksIndicates the legitimacy and reliability of a SSL/TLS certificate. Learn more
Blacklist CheckIndicates whether the SSL/TLS certificate is blacklisted or not by comparing the certificate's fingerprint with a database of known blacklisted fingerprints to identify untrusted certificates. Learn more
Vulnerability StatusIndicates whether the cipher is secure or vulnerable. Learn more
Secure Cryptographic ComponentsThe essential security features within the SSL/TLS domain, providing crucial protections for data transmission and integrity.
PROTOCOLS AND CIPHERS
CiphersThe name of the cipher.
Protocol VersionThe version of the protocol associated with the cipher.
Key size(bits)The key size of the encryption algorithm (in bits).
Cipher StatusIndicates whether the cipher is secure or weak.

Thank you for your feedback!

Was this content helpful?

We are sorry. Help us improve this page.

How can we improve this page?
Do you need assistance with this topic?
By clicking "Submit", you agree to processing of personal data according to the Privacy Policy.

Loved by customers all over the world

"Standout Tool With Extensive Monitoring Capabilities"

It allows us to track crucial metrics such as response times, resource utilization, error rates, and transaction performance. The real-time monitoring alerts promptly notify us of any issues or anomalies, enabling us to take immediate action.

Reviewer Role: Research and Development

carlos-rivero
"I like Applications Manager because it helps us to detect issues present in our servers and SQL databases."
Carlos Rivero

Tech Support Manager, Lexmark

Trusted by over 6000+ businesses globally