Dotcom-Monitor HTTPS monitoring also includes Secure Socket Layer (SSL) Certificate monitoring, which checks SSL certificates for problems and expiration. (try our free instant HTTPS web server performance test)
When a browser visits a website whose web address starts with httpss, communication with the site is encrypted to help ensure privacy. Before starting the encrypted communication, the website will present the browser with a “certificate” to identify itself.
If the browser cannot verify that the certificate is associated with the website then the user will receive a warning message, such as “This Connection is Untrusted” or “This site’s security certificate is not trusted!”. After receiving this type of message most users will abandon the website. Therefore, an SSL Certificate checker is important for retaining a user’s trust in a website.
Monitor SSL Certificate Problems
Dotcom-Monitor HTTPS monitoring checks the properties of the SSL Certificate to make sure the properties are valid for the website where the SSL certificate is installed. The SSL certificate properties, such as: Certificate Authority (CA), Certificate Common Name (CN), etc… – should not change. Therefore, if monitoring detects changes in the properties of the SSL certificate, then the SSL certificate may have a problem thereby exposing website users to vulnerabilities.
Verified SSL Certificate Properties
- Check Certificate Authority (CA): Verifies the CA contains a root certificate this is trusted, or not trusted. Users are notified if the CA root certificate is changed.
- Check Certificate Common Name (CN): Verifies that the address assigned to the certificate matches the URL address associated with the certificate. If an address change has occurred, or the CN is changed, the user is alerted.
- Check Certificate Date: Verifies the certificate expiration date. (Date also used to set an SSL Certificate Expiration Checker* and reminder alert.)
- Check Certificate Revocation: Verifies that the certificate’s chain-of-trust doesn’t contain a revoked certificate. An SSL certificate can become invalid and be revoked prior to the expiration of the certificate’s validity period. This check verifies whether or not the certificate’s revocation state has changed. Certificate revocation can occur due to a change of name, change of association between a subject and CA, and compromise or suspected compromise of the corresponding private key. Under these types of circumstances, the issuing CA will revoke the certificate.
- Check Certificate Usage: Checks an SSL certificate intermediate chain of trust (aka “CA bundle”) for changes in an intermediate SSL certificate, which may indicate certificate problems.
SSL Certificate Expiration Checker
Losing control of your expiring SSL Certificates? SSL Certificate monitoring checks the expiration date of the SSL Certificate and enables the user to set a “reminder alert” in order to prompt the user for a timely renewal. SSL Certificates are often set to expire in one or two years.
- Set the SSL Certificate Expiration Reminder in Days: After the certificate date is checked that date is used to establish an expiration reminder. The user sets up a daily “alert” reminding them to update the certificate prior to the expiration date. The user can customize the daily “alert” reminder to receive alerts for a specific number of days (ex. 15 days) prior to expiration.
To try a Dotcom-Monitor free instant HTTPS test click here.