What does CertSentry monitor?
CertSentry watches the failures that take sites down quietly — the ones you don't notice until a customer does. Instead of stitching together a cert checker, an uptime tool and a DNS watcher, you get all of it against one target, in one place.
Everything it watches
| Check | What it watches | How often | Plans |
|---|---|---|---|
| SSL / TLS | Certificate expiry, validity and a TLS configuration grade | Daily | All |
| Domain expiry | Registration end date via RDAP / WHOIS | Daily | All |
| DNS changes | A, AAAA, CNAME, MX, NS and TXT records | Daily | All |
| Uptime | HTTP(S) reachability, status and latency | Your interval | All |
| TCP port | A plain connection to a host and port | Your interval | All |
| Heartbeat | Inbound pings from your cron jobs and workers | Your interval | All |
| Certificate Transparency | New certificates issued for your domain | Continuous | Pro & Agency |
| DMARC | Aggregate email-authentication reports | As received | Pro & Agency |
What you don't need
You don't install an agent, and you don't have to own or verify the domain — anything publicly reachable can be watched. That's why agencies use CertSentry to monitor a whole book of client domains without touching each one's stack.
How a monitor is shaped
A monitor is one target plus the checks you want on it. A single monitor can run SSL, domain, DNS and uptime together — they don't each count separately. Add a target, tick the checks you care about, choose where alerts land, and you're watching.
Ready? See adding your first monitor.