SSL Monitoring

Never let an expired certificate take you offline

An expired or misconfigured SSL certificate breaks trust and kills traffic. Vantaj checks your certificates continuously and alerts you well before expiry — so renewals never slip through the cracks.

Get started free See pricing

Expiry countdown alerts

Receive alerts at 90, 60, 30, 14, 7, and 1 day before your certificate expires. Plenty of time to renew, no last-minute panics.

Invalid certificate detection

Catches hostname mismatches, self-signed certs, incomplete chains, and revoked certificates — not just expiry dates.

Certificate chain validation

Verifies the full chain from leaf to root CA. Broken intermediate certificates are one of the most common SSL issues — Vantaj catches them immediately.

Multi-channel notifications

SSL alerts flow through the same pipeline as your uptime monitors: email, Slack, Discord, or webhooks. No extra setup.

Auto-renewal verification

Using Let's Encrypt or another ACME provider? Vantaj confirms the renewal actually happened. If your auto-renewal fails silently, you'll know.

Unified with uptime monitoring

SSL checks run alongside your HTTP monitors in one dashboard. See certificate health next to uptime and response times.

What we check on every scan

Check	Details
Expiry date	Days remaining until certificate expiration, with alerts at 90, 60, 30, 14, 7, and 1 day
Certificate chain	Full chain validation from leaf certificate to trusted root CA
Hostname match	Verifies the certificate's CN and SANs match your domain
Protocol & cipher	Checks TLS version and cipher strength for security compliance
Revocation status	Detects certificates that have been revoked by the issuing CA
Certificate issuer	Tracks which CA issued your cert — alerts if the issuer changes unexpectedly

How it works

01 — Add your domain

Paste a domain, we find the certificate

Enter any domain and Vantaj connects to it over TLS, extracts the certificate details, and starts monitoring. No agents, no config files.

02 — Continuous checking

Scanned around the clock

Your certificates are checked regularly for expiry, chain issues, and validity. Every scan result is logged so you can see certificate history over time.

03 — Early warnings

Know 90 days out, not the day of

Multi-stage alerts at 90, 60, 30, 14, 7, and 1 day give your team plenty of runway. For sudden issues like revocation or chain breaks, you're notified within minutes.

04 — Renewal confidence

Verify auto-renewals actually work

After a renewal, Vantaj confirms the new certificate is valid and properly installed. No more hoping that certbot ran successfully.

Frequently asked questions

How often are SSL certificates checked?

Certificates are checked multiple times per day. If an issue is detected, the check frequency increases automatically to track the situation closely.

Do I need to install anything on my server?

No. Vantaj connects to your domain externally over TLS — exactly like a browser would. There's nothing to install or configure on your server.

Can I monitor certificates on non-standard ports?

Yes. When adding a domain you can specify a custom port (e.g., api.example.com:8443) and Vantaj will check the certificate served on that port.

What happens when my certificate auto-renews?

Vantaj detects the new certificate on its next scan and updates the expiry date automatically. If renewal fails and the old cert is still served, the countdown alerts continue as normal.

Does SSL monitoring count against my monitor quota?

SSL checks are included when you add a domain. They don't consume a separate monitor slot — you get SSL monitoring as part of domain tracking.

Ready to set up SSL Monitoring?

Up and running in under a minute. Free for up to 20 monitors, no credit card required.

Start for free