Post

3 followers Follow
3
Avatar

Test for SSL/TLS certificate validity

We had a service that is being monitored with an Uptime check become unusable due to us accidentally configuring SSL wrong, causing SSL name mismatch warnings that rendered the site unusable for end-users. The Uptime check did not alert us.

It would useful if uptime checks that perform HTTPS requests could check SSL certificate validity - names, dates, trust anchors - mimicking how browsers (and `curl` without the `-k` parameter) check SSL certificates. This would remove one circumstance under which a service can become unusable by end-users without any errors/alerts actually being noted by any Uptime checks that monitor it.

I assume that for many customers it would be necessary to make this feature optional for each Uptime check, since people may be using Pingdom to monitor services on which they are deliberately using pinned self-signed certificates or their own private CAs.

 

Richard Barrell Answered

Official comment

Avatar

Hi folks, 

 

You can add comments to the existing feature request for this here.

Andreas Larsson

Post is closed for comments.

2 comments

3
Avatar

Same problem. I had assumed Pingdom would be checking this as standard, but I only got alerts from a competitors uptime service.

A very nice feature would also be a configurable expiry date warning - e.g. "Warn that certificate will expire x days before expiration date", as a public SSL cert can take some time to process, depending on what type of cert you have.

However, I'd settle for just a simple validity check at this point.

rod carr 3 votes