Does CertSentry watch domain (registration) expiry?
Yes. Separately from the certificate, CertSentry tracks when your domain registration expires, using RDAP (with WHOIS as a fallback). A lapsed domain is one of the most painful outages there is — site and email go dark at once, and recovery through a registrar can be slow — so it's worth a warning well in advance.
Certificate vs domain — what's the difference?
These are two different clocks, and people mix them up:
| Certificate | Domain registration | |
|---|---|---|
| Renews every | Few months (often automatically) | 1–10 years (manually) |
| Common failure | Auto-renew breaks silently | Card on file at registrar lapses |
| When it bites | Browser security warning | Whole domain stops resolving |
CertSentry watches both and alerts ahead of each, so neither clock catches you out.
You don't need to own it
Domain-expiry data comes from public registry sources, so you can monitor expiry for any domain — including clients' — without verifying ownership. See verifying ownership.
A note on accuracy
Registrars and registries vary in how promptly they publish expiry dates, and some privacy-protected domains expose less detail. Where the data is available, CertSentry surfaces it and warns you ahead of the date.