Feature Update: Enhanced SSL Monitoring

Today we’ve released a huge update, completely changing how our SSL monitoring works and enabling you to keep a much closer eye on all aspects of your certificates. We’ve introduced a new set of features for SSL, that enable much more powerful monitoring, these are summarized below:

Expiration Monitoring – We’ve fully revamped our expiration monitoring increasing the options in terms of how often the details are checked (anywhere from 5 minutes to 7 days dependent on plan level), also allowing customization of when the alerts for expiry come through – meaning that self-signed certs are now much less troublesome to keep an eye on.

Certificate Validity

As well as expiry we now watch out for validity issues, we will run a complete check of the certificate chain, verify that the certificate is on the correct domain, and we’ll also ensure that the certificate has not been revoked by the relevant authority. You can get alerted by our system right away if any of these factors are not as they should be.

Certificate Score

We now take a range of factors into account to provide you with a certificate score. Firstly we look at the “Cipher Strength”. Cipher strength has a proprietary scoring algorithm that takes the following variables into consideration:

* Key Exchange

* Bulk Cipher & Strength

* Used Keyed-hash message authentication (HMAC)

From the Cipher Strength and other factors, we give your certificate a final score, the full weightings for this score are shown below:

* Cipher Strength (50%)

* Perfect Forward Secrecy (25%)

* Certificate Errors (10%)

* Certificate Validity (5%)

* Certificate Presence (5%)

* Extended Validation presence (5%)

We will mark your certificate with a score out of 100%, you can see all scores within the SSL section in the left menu. All of the info can also be viewed on the details page, where we provide further data and comparison graphs.

The new functionality is available across all paid plans, and all functions are now managed within the SSL section, meaning that there’s increased separation from the uptime tests and the ability to manage these separately.