When a browser visits a website whose web address starts with https, communication with the site is encrypted to help ensure privacy. Before starting the encrypted communication, the website will present the browser with a certificate to identify itself.
If the browser cannot verify that the certificate is associated with the website then the user will receive a warning message, such as “This Connection is Untrusted” or “This site’s security certificate is not trusted!” After receiving this type of message most users will abandon the website. Therefore, an SSL Certificate checker is important for retaining users’ trust in a website.
SSL checker tests the certificate and validates the website to which it is installed. Properties such as Certificate Authority (CA) and Common Name (CN) should not change. SSL Certificate Monitoring detects changes that may indicate problems that are exposing website users to vulnerabilities.
Check the following properties with SSL certificate monitoring:
- Authority (CA)
Verifies the CA contains a root certificate that is trusted, or not trusted. SSL test will notify users if the CA root is changed.
- Common Name (CN)
Verifies that the address assigned matches the URL. If the ssl cert checker detects an address change has occurred, or the CN is changed, the user is alerted.
- Expiration Date
SSL test verifies the certificate expiration date.
Verify the chain of trust doesn’t contain a revoked certificate. An SSL certificate can become invalid and be revoked prior to the expiration validity period. An SSL test verifies whether or not the revocation state has changed. Revocation can occur due to a change of name, change of association between a subject and CA, and compromise or suspected compromise of the corresponding private key. Under these types of circumstances, the issuing CA may revoke the certificate.
The SSL certificate checker tests intermediate chain of trust (aka “CA bundle”) for changes in an intermediate certificate, which may indicate problems.
SSL Certificate Expiration Management
Get control of your SSL Certificate expirations. SSL Certificate monitoring checks the expiration date and enables the user to set a “reminder alert” in order to prompt the user for a timely renewal. SSL Certificate expiration is typically set to expire in one or two years.
Expiration Reminder via SSL Certificate Monitoring
Users can optionally set an SSL certiificate expiration alert that will remind them to update/renew the certificate. The alert can be customized to be sent specific number of days (ex. 15 days) prior to expiration.