The SSL tracker ensures that you're kept notified of expiring certificates for your client's externally facing services and websites that are secured with SSL.
Everything is designed to make it easy to track SSL certificate expirations. When you add a domain that has an SSL certificate installed, the certificate is automatically added to the SSL tracker. Other SSL certificates are captured in a very similar manner as domains. Simply enter the host name associated with the certificate and the public aspects of the certificate are auto-populated.
Check out this IT Glue express video (2:07) to see the domain and SSL trackers in action:
Learn more about the domain tracker in this article.
- Access to known DNS records for the client, which will probably require signing in to the domain registrar or hosting company's DNS management console for each client domain.
- Research with key contacts who supply the certificates and record any account information and passwords used for certificate management. If necessary, revisit the Vendors and Passwords areas to record these credentials.
- Check the DNS zone file records for any CNAME records that might potentially have https:// components. Here's a short checklist of some common options to browse:
- Alternatively, for self-signed certificates or in cases where the certificate cannot be retrieved from a host, you can manually copy and paste the PEM-encoded certificate in the Certificate field. The public aspects of the certificate are automatically parsed from the certificate itself. Note: You should only include the certificate here, not the rest of the chain.
- Intermediate chain - Use this field to store the rest of the certificate chain. You might want to provide this for future reference in case you need to provision a server with the certificate. Simply paste the certificate chain in PEM-encoded format. Do not include the root certificate in this field.
- Certificate signing request - Store the original CSR for your certificate in the event you need it for a future renewal.
- Private key - Store the certificate's private key in this field, which may be useful if you need to provision a server with the certificate at a later date. This field is stored securely in encrypted format in our database.
- Notes - Add any additional notes regarding the certificate.
- IT Glue will refresh publicly available certificate information once every 24-48 hours, as long as you provided a certificate host name to pull the update from. If you just copied and pasted PEM files into IT Glue (step 6), these manually entered certificates will not automatically refresh.
- If an update fails, the system makes five attempts, and then waits a week before trying again.