Can you monitor your internal SSL certificates? This was a question we frequently heard from our clients. Many organizations keep their services (web, database, etc.) inaccessible on the public internet, for security, compliance, cost, and other reasons. At TrackSSL, we initially offered public SSL/TLS certificate monitoring, but we often received requests from customers for private SSL certificate monitoring. Thus, we needed to find a way to monitor certificates used on servers that are not typically accessible from the Internet.
In this article, we share our journey of developing a remote certificate monitoring service using an agent that runs on an organization’s private network. We share the requirements we defined, the architecture we selected, and the solution we implemented.