SSL Certificates
Automatically track SSL certificate expiration and get alerted before your HTTPS endpoints break.
SSL Certificates
SSL certificate monitoring requires a Starter plan or above. Hobby users can create HTTPS monitors but will not receive certificate expiration alerts.
SSL certificate monitoring helps you avoid the embarrassing and damaging scenario of an expired certificate taking down your service. Seenty automatically tracks certificates for every HTTPS endpoint you monitor and alerts you well before they expire.
How it works
When you create an HTTP/HTTPS monitor, Seenty automatically inspects the SSL certificate during each check. There is no extra setup required -- if the endpoint uses HTTPS, certificate tracking is included.
For each certificate, Seenty records:
- Issuer -- The Certificate Authority that issued the certificate (e.g., Let's Encrypt, DigiCert, Cloudflare)
- Common Name (CN) -- The primary domain the certificate was issued for
- Subject Alternative Names (SANs) -- All additional domains covered by the certificate
- Valid from / Valid to -- The full validity period
- Days until expiration -- Continuously updated with each check
Expiration alerts
Seenty sends alerts at configurable thresholds as a certificate approaches its expiration date. The default thresholds are:
- 30 days before expiry
- 14 days before expiry
- 7 days before expiry
You can customize these thresholds per monitor to match your renewal workflow. For example, if you use auto-renewing certificates from Let's Encrypt (which renew at 30 days), you might only want alerts at 14 and 7 days to catch cases where auto-renewal failed.
Alerts are sent through the same notification channels configured for the parent monitor.
Color-coded status
Certificates are visually color-coded on the monitor dashboard so you can spot problems at a glance:
| Color | Condition | Meaning |
|---|---|---|
| Green | More than 30 days until expiry | Healthy -- no action needed |
| Yellow | Between 14 and 30 days until expiry | Attention -- renewal should happen soon |
| Red | Less than 14 days until expiry | Urgent -- certificate is close to expiring |
Expired certificates and certificates with chain errors are also flagged in red with a specific error message.
Renewal tracking
Seenty detects when a certificate has been renewed by comparing the certificate fingerprint across checks. When a renewal is detected:
- The certificate details are updated with the new validity period
- The expiration countdown resets
- Any pending expiration alerts are automatically cleared
This means you do not need to manually dismiss alerts after a successful renewal.
Certificate details view
Click on any HTTPS monitor to see full certificate details in the Certificate tab:
- Complete certificate chain (root, intermediate, leaf)
- Exact expiration date and time
- Issuer organization and contact
- All Subject Alternative Names
- Certificate serial number and fingerprint
- Protocol and cipher suite used for the connection
Common issues
Self-signed certificates -- Seenty flags self-signed certificates as a warning. If your service intentionally uses a self-signed certificate (e.g., internal staging environments), the monitor will still check uptime but will note the certificate issue.
Certificate chain errors -- If the server does not send the full certificate chain, Seenty reports the specific chain error. This commonly happens when an intermediate certificate is missing from the server configuration.
Wildcard certificates -- Seenty correctly handles wildcard certificates (e.g., *.example.com) and displays all SANs covered by the certificate.