LetsMonitor.org - free certificate monitoring needs beta testers for REST API


#1

The upcoming version 4.0 of LetsMonitor.org provides an REST API for it’s certificate monitoring service.

We are looking for beta testers of the new API. This is a REST/JSON API that lets you do the following:

  • Query status on a monitor
  • Add/update/remove monitors
  • Add/update/remove contacts
  • Create accounts

If you are interested, please email support@letsmonitor.org. Please give details on use cases and authentication methods we should support.

Thanks
LetsMonitor.org


#2

Finally! Just kidding, I appreciate what you have provided so far.

Our use case is to incorporate certificate status into internal operations dashboards. The authentication method doesn’t matter so much, api key would be ideal (and easy to implement).


#3

Yeah, we’re hoping key or token based credentials are sufficient. Eventually OAuth2 is in the plan, but that is a lot more difficult to implement.


#4

a monitor is no needed, just make a simple reminder in your phone stating when it’s going to be expired, and also use crontab to automate the renewal process.


#5

The monitor provides escalations of alerts in case someone is on vacation, and also tests from various locations around the world to make sure there is not some regional issue. In addition, it tests for validity of various certificate issues.


#6

Right, it is used as a failsafe in case certbot fails or you don’t get email notifications.


#7

Also, since LetsEncrypt is using three month expirations, I can pull up a dashboard that shows our mulitudes of certificates with status and time left at a glance. This is how I use it primarily, as part of our ops.


#8

If someone is on vacation, they certainly don’t have time to check their emails too. Beside how hard to use crontab? and a simple reminder in their phone. Download a reminder app, set the the time when the cert expires, and then use multiple crontab entries to make sure the renewing process is triggered like multiple times, if you are so paranoid about expiring, then use crontab with emailing.

30 2 * * 1 /usr/bin/letsencrypt renew | mail -s “Lets Encrypt Cron” myEmail@domain.com

So monitor app is a waste of time and effort.


#9

The escalations are to different people in the organization, in case the primary person in unable to deal with the issue.


#10

of course it’s up to the developers to develop whatever they want, but my belief is it’s no useful. If there are multiple people, a shared inbox’s email can be used in the crontab. I think the more important things at this moment are Ev certs, a year long certs, support shared hosts etc… and for your information, it’s recommend for organizations to use either Organization validated cert or EV certs which ain’t given by letsencrypt at all.


#11

Apparently the users of letsmonitor.org (however many there are of them) disagree with you. Nobody’s going to force you to use it, so why do you care if it’s available to other people who find value there?


#12

I am wondering the same thing, why you care what I think if you disagree with me? why not just leave me alone?
I just stated my personal belief, and I believe it’s perfectly okay under the freedom of speech. I didn’t try to stop this project or interfere it. of course some of them may disagree with me, because they like whatever that makes their life easy, but sending developers away from the main object may actually delay what people really want from getting implemented. letsencrypt is an awesome thing, I appreciate their free certs, but I don’t believe honestly most of people want a monitoring API. If you are a skilled web master, it’s a very simple thing to find out whether a cert is expired or not. Most of people requested as I found a year long cert, EV cert , the ability to install certs in certain shared hosting environments like namecheap. I stated my opinion, it’s up to developers to take or leave it.


#13

What does this have to do with letsmonitor.org? Do you think that project is related to Let’s Encrypt in any way? Because it isn’t.


#14

hmm I see if it’s not related, then it’s good to know. :slight_smile:


#15

Yeah, LetsMonitor.org was created as an in-house application, since we have a huge number of certs to maintain. We decided to create a free version, since we love LetsEncrypt so much and we already had most of the technology.


#16

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.