Cert Monitoring

why the renewal of certs often fail even for big tech companies?
My recent thoughts about cert monitoring and how you establish a strict monitoring regime:

in English: https://blog.jakobs.systems/en/blog/20210112-cert-monitoring/
in German: https://blog.jakobs.systems/blog/20210112-cert-monitoring/


Well, my provider as well as Apple send emails for expiring certificates, so we can renew in time.

Well we both are small companies with direct interactions and short processes. Try to imagine how this works in bigger ones, where a web developer puts something on any sever without telling anything to his IT department. Or when you are responsible for Ops for a company with a lot brands and websites, all managed by 3rd party Advertising-Companies and so forth many providers and on external servers.

The magic is the git repository and the distributed configs, not monit :wink:

I wouldn’t blindly trust 3rd party. I rather rely on my own established instruments and would use any 3rd party instruments only as additional confirmation.