TLS certificate monitoring and inventory
Monitor certificates across your inventory, CT logs, and TLS endpoints. Get alerts before certificates expire or when unexpected ones appear.
Features
Certificate inventory
Keep track of your certificates in one place and get alerts before they expire.
Tags and notes allow you to organize the certificates.
Add certificates manually, or let CT monitors update the inventory.
CT monitors
Chrome, Safari, Firefox, and Edge all require that publicly trusted TLS server certificates are logged to approved public Certificate Transparency logs. CertObserver collects certificate data from those logs.
CT monitors alert you and update your certificate inventory when a new certificate for your domains or subdomains appears in a Certificate Transparency log.
Endpoint monitors
Continuously monitor the certificates used by your websites, APIs, and other TLS endpoints. Connects on a schedule and validates what’s presented during the TLS handshake.
Alerts you before certificates expire using configurable thresholds. Optional alerts are also available for issues such as hostname mismatches, incomplete certificate chains, and untrusted root certificates.
Works for any protocol where the TLS handshake happens immediately after the TCP connection is established (for example HTTPS, FTPS implicit, SMTPS, IMAPS, and POP3S).
Email and Slack alerts
Receive alerts via email, Slack, or both.
Work together
Invite your team and assign roles so people have the right level of access.
Plan-based billing
See the pricing page for the current plans.