Why Monitor SSL Certificates?
Expired SSL certificates cause:
- Browser security warnings that drive users away
- API integration failures
- SEO ranking drops
- Compliance violations
Setting Up SSL Monitoring
Add a Domain
- Go to SSL → Add Domain
- Enter your domain (e.g.,
example.com) - Xitoring immediately scans the certificate chain
What Gets Monitored
- Expiry date with alerts at 30, 14, 7, 3, and 1 day before expiration
- Certificate chain validation (root → intermediate → leaf)
- TLS version support (flags TLS 1.0/1.1 as insecure)
- Certificate authority identification
- Key strength analysis
- OCSP revocation status
SSL Grading
Each domain receives an overall SSL grade (A+ to F) based on:
- Certificate validity and chain completeness
- TLS protocol versions supported
- Cipher suite strength
- HSTS configuration
Alerts
SSL alerts are sent via your configured notification channels. We recommend enabling at least two channels (e.g., email + Slack) for certificate expiry alerts to avoid missing them.