SSL certificate monitoring consists of automated checks about SSL supporting URL type assets against any successful hacking attempts. Any changes in certain parts of the SSL certificates will be reflected to responsible users (usually company admins) through Alarms. Here are the conditions that alarms are created;
- Change of SSL certificate thumbprint
- Change of SSL certificate issuer
- When the SSL certificate expiration date is close
- The change of the SSL certificate expiration date
The SSL monitoring for URL assets are activated as the assets are created in NormShield.
The configuration of the SSL certificate monitoring can be handled by clicking Intelligence->Domains & Certificate Monitoring submenu. Clicking Configure button opens a dialog box, shown in Figure 1, where notification types and threshold values (in days) for expiration can be selected.
Figure 1 - Configuring domain and SSL certificate monitoring