Introducing “SSL Monitoring”
HTTPs is becoming the “default” for any website whether it is a blog, portal, e-commerce or corporate one.
However, a website with an SSL certificate requires an extra layer of monitoring, “making sure the SSL works as expected”, as a certificate:
- can expire
- can produce errors (host mismatch, use insecure protocols like SSLv3..).
Introducing SSL monitoring
The Pro Plan now monitors such cases and lets you know:
- when the SSL certificate has errors including:
- host mis-match
- forcing insecure protocol (like SSLv2 or SSLv3)
- and when the SSL certificate is getting close to expiry date (when 30, 15, 7 and 1 day is left) so that you can renew it in advance.
Note: “mixed-content SSL warnings and revoked certificates” are currently not supported.
The feature is available by default for all HTTP and keyword monitors whose URLs start with “https”.
Customizing its usage
It is possible to:
- disable SSL monitoring and/or “ignore SSL errors” for selected monitors from the “Add/Edit Monitor dialogs”. This is handy if the website uses a self-signed certificate.
- choose which alert contacts will get “SSL expiry notifications” from the “My Settings>Alert Contacts>Add/Edit Alert Contact dialogs”.
- By default, all alert contact types except “SMS, mobile Push, Pushbullet, Boxcar and Pushover” are enabled considering they are non-intrusive.
Important info: The feature will become active by 20 September 2017 to make sure any customization can be performed in advance.
Excited to have this feature being available and hope that it helps for a better uptime :).
Update (24 Oct 2017)
Thanks to all the feedback received, we have applied a set of updates to make sure that this feature is easy-to-use and functional for everyone:
- a certificate being self-signed is no more a reason for it to be detected as “down”
- monitors with IP-based URLs (like https://22.214.171.124) are not checked for SSL errors
- expiration notifications for certificates by Let’s Encrypt and Cloudflare are only triggered if 3 days or less are left for expiry as these certificates are mostly auto-renewed close to the expiry date.
- ssl settings for all monitors can be changed in bulk using the bulk actions dialog (can be found just under the “Add Monitor button”).
Wanna check the previous (← Configuring Cloudflare for Status Pages (with Custom-Domains)) and next (→ New Feature – Telegram Integration) posts?