MonitorHound logo MonitorHound

SSL Certificate Monitoring

Monitor SSL/TLS certificate expiry dates, chain validity, and configuration issues. Never let an expired or misconfigured certificate take down your site.

The problem

An expired SSL certificate instantly makes your website inaccessible. Browsers display alarming security warnings, users cannot proceed, and search engines penalize your rankings. Automated renewal helps, but renewal failures are surprisingly common — a changed DNS provider, a revoked API key, or a misconfigured server can silently prevent renewal.

How MonitorHound helps

MonitorHound connects to your servers and inspects the presented SSL/TLS certificate. It checks the expiry date, validates the certificate chain, and verifies the hostname matches. You receive advance warnings at configurable intervals before expiry, giving you time to renew before any impact.

What you can monitor

  • Certificate expiry dates
  • Certificate chain validity
  • Hostname mismatch detection
  • Self-signed certificate alerts
  • Intermediate certificate issues
  • Protocol version (TLS 1.2, 1.3)
  • Certificates on custom ports
  • Wildcard certificate coverage

Example configuration

{
  "type": "ssl",
  "hostname": "example.com",
  "port": 443,
  "interval_seconds": 3600,
  "expiry_warning_days": [30, 14, 7]
}

Frequently asked questions

How far in advance will I be warned about expiring certificates?

MonitorHound sends alerts at configurable thresholds — for example, 30, 14, and 7 days before expiry. You can customize these thresholds per monitor to match your renewal workflow.

Does it check the full certificate chain?

Yes. MonitorHound validates the entire chain from the leaf certificate through any intermediates to the root CA. You are alerted if any certificate in the chain is expired, revoked, or misconfigured.

Can I monitor certificates on non-standard ports?

Yes. While the default port is 443, you can configure any port number. This is useful for monitoring certificates on mail servers (port 465/993), custom API servers, or internal services.

What about Let's Encrypt auto-renewal?

Even with automated renewal tools like certbot, things can go wrong — DNS validation failures, permission issues, or misconfigured cron jobs. SSL monitoring acts as a safety net to catch renewal failures before they cause downtime.

Never let a certificate expire

Start monitoring your SSL certificates today. Free plan includes 10 monitors.

Start Free Monitoring