An SSL expiry alert rule fires when your monitor's SSL certificate will expire within a specified number of days. This gives you advance warning before your certificate expires and causes real failures.

How It Works

PulseAPI reads the SSL certificate expiry date from every check on an https:// endpoint with SSL verification enabled. The rule evaluates whether the certificate will expire within the number of days you specify.

Configuring an SSL Expiry Rule

1. In the alert rule form, set Condition Type to SSL Certificate Expiry.
2. The Operator is less than (days until expiry < threshold).
3. Enter the Threshold in days.

Recommended Configuration: Two Rules

Create two rules for layered SSL expiry protection:

Rule 1 — Advance Warning

• Condition: SSL expiry less than 30 days
• Priority: Low or Medium
• Channels: Email or low-urgency Slack channel
• This gives you a month's notice to schedule a renewal.

Rule 2 — Urgent Alert

• Condition: SSL expiry less than 7 days
• Priority: High or Critical
• Channels: Primary on-call channel
• This fires if the renewal was missed and expiry is imminent.

Prerequisites

For SSL expiry rules to work:

• The monitor URL must start with https://
• SSL Verification must be enabled on the monitor (it's on by default)

If SSL verification is disabled on a monitor, PulseAPI doesn't read the certificate and the expiry rule won't fire.

What Happens When the Certificate Actually Expires

When the SSL cert expires, every check will fail with an SSL error. A status code or response time alert rule will fire at that point — but by then it's already affecting users. The SSL expiry rule is specifically designed to catch this before it becomes a problem.

Related Articles

• SSL Certificate Monitoring
• SSL Certificate Errors and Warnings
• Creating an Alert Rule

Still have questions? Contact support.