Certificate Expiry Monitor

Server
1

I’ve created an open source tool that monitors certificates for expiry and sends emails when the certificates are about to expire. Normally CA’s send emails to you when your certificates expiry, I think Let’s Encrypt does so as well. However, you might want another email address or an extra person notified, or just an extra check to make sure.

Since the Let’s Encrypt certs are only valid for 90 days (which IMHO is a good thing), you might forget about it later on. Now it’s nice playing with the beta and setting stuff up, but wouldn’t it be awfull if in three months your certs expired and you forgot to renew them? Now renewing is a breeze with Let’s Encrypt, so that’s cool.

Do note that most monitoring systems like Nagios also support certificate expiry checks, howevery not everyone has their own nagios running…

Here’s the tool: https://certificatemonitor.org/ - and the source code is up on github, link is on the page itself.

Note that I’m also behind the SSL Decoder, https://ssldecoder.org, another open source tool, this to check your server configuration and certificate chain.

I love feedback and comments :smile:

8 Likes
2

Excellent. I’d suggest adding to the list / thread at Monitoring the state of certificates

1 Like
3

Posted a reply there. Thanks for pointing me to there :smile_cat:

1 Like
4

Looks good! I noticed it was on Github, is it PHP7 compatible?

5

very nice mate :sunglasses:

6

I’m not sure because I haven’t tested it with php 7 yet. It does work and is only tested with PHP 5.6, so the changes will not be that big I hope.

8

Does not work whit subdomains

9

This is good. Really good. If I can have soma SLAs or something around it this seems like a service I would pay for.

10

Here's another option for anyone interested in continuous monitoring and reporting :slight_smile:
https://keychest.net

keyhest_ct_logs_incidents.png1530×1016 36.2 KB

keychest_dashboard_spotcheck.png1530×1154 61.5 KB

1 Like