Basic Things Of Automated SSL Certificate Checker

There are many different tasks and routines in IT management that have to be completed the hard way. This may include manually verifying commands and checking to make sure the specific information is correctly entered into all fields.

However, there are also some tasks that can be very simple and easy if you just know the tools that are available. At Comodo, we believe that part of what we do is to make SSL (secure sockets layer) certificate management a simple, streamlined task. This ensures that IT professionals or website owners never have to spend time doing a manual SSL certificate expiry check even if they have multiple different SSL certificates from various CAs (Certificate Authorities).

We offer this through our CCM or Comodo Certificate Manager. We recognized that trying to manage tens or perhaps hundreds of different websites, SSL certificates and expiration dates is both time consuming and also a task that can easily be overlooked.

This can be even more complicated when the IT professional is managing the SSL/TLS certificates and the security for more than one domain and customer. This can lead to a very real security risk of an SSL certificate expiring, leaving the site vulnerable to potential hacking and phishing.

The Issue

While the chances of a hack or a phishing issue on a previously secured site are often not considered a high-risk issue, it is impossible to know if there is a hacking attempt until there is a problem

It is very unlikely that if the IT professional fails to complete an SSL certificate expiry check that a customer will notify the website manager. In fact, most customers will simply abandon the shopping cart and go back to the search engine results to find another website to shop. Drops in sales, increases in abandoned shopping carts and perhaps even negative feedback or comments about the site may be seen when a certificate expires.

For other entities transmitting secure documents, an expired certificate can be much more significant. Sensitive and confidential data will be exposed to hackers and phishing attacks. Often the damage is done before the security lapse is noticed and addressed.

Stop the Problem

Using the CCM allows you to easily keep track of your inventory. The first recommendation we have is the use the Auto-Discovery tool. This provides a quick visual to allow a full SSL certificate expiry check on all certificates across the internal and external networks. The reporting feature is in real-time and it can also be set to provide regular monthly reports that prompt you when certificates are reaching the end of their lifecycle.

This provides a list of every SSL certificate on the system, including those of our competition, in a logical format in a central location. Running the discovery tool often turns up certificates that may or may even be listed as they may have been purchased and installed by different IT professionals at different points in time.

Not only does this provide a full SSL certificate expiry check by date, but it also eliminated wasted budget dollars in duplicating certificates or securing sites at levels that are not necessary. It can also help to identify potential changes in a certificate to increase the security protection if a website is going to handle more transactions or need additional levels of security for consumer or user confidence.

This last issue often happens as subdomains evolve and are created to handle niche aspects of the business. For example, there is no need to have an information or blog site secured at the EV SSL level, particularly if there is no secure or sensitive data transmitted from the site.

Additionally, having multiple individual SSL certificates on subdomains is going to cost more over the lifecycle of the certificate than using a Comodo Wildcard SSL to secure the main domain and all subdomains with one certificate. You may be surprised to find out how certificates are simply being renewed without any check to make sure they are the most cost effective option out there.

Of course, along with the automated SSL certificate expiry check through CCM, we also send out emails starting about 60 days before the end of the certificate's lifecycle. Sometimes the email on file with Comodo is no longer the email the IT administrator is using, which results in a gap in communication the tool quickly addresses.

If you have completed an SSL certificate expiry check and need to renew or purchase a new SSL certificate at any level, visit us at You can also give us a call at +1 888 266 6361 to talk to us through our online chat to renew or purchase the products required.

Related Articles