Skip to content
← Sensors

How can we build new sensors or improve existing sensors?

'Private and SMTP-TLS Certificate Expiration Monitoring' has been merged into this idea

Sensors

Categories

JUMP TO ANOTHER FORUM

(thinking…)

Expand SSL Certificate Monitoring Beyond HTTPS

As a PRTG network administrator, I want to monitor SSL certificates for both HTTPS and MS SQL Server connections, so that I can proactively manage certificate expiration across all critical services without relying on complex external scripts.

Since the current SSL Certificate is only for web (HTTPS) ports, it might be useful to update the name to "HTTPS SSL Certificate".

Within the scope of MS SQL Server's connection SSL Certificate for the 1433 port, it will be useful to provide a way to monitor the certificate's expiry date. There is a number of pages with Python scripts that will pull the certificate, but to wire that into PRTG through a power shell script adds to many moving parts.

3 votes

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close

We’ll send you updates on this idea

Billy Cole shared this idea  ·   ·  Report…  ·  Admin →
How important is this to you?

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close
Gathering Feedback  ·  AdminIsidora Jeremic (Admin, Paessler) responded  · 

Hi there,


Great news! Your idea has been approved and moved to the next stage on Paessler.


Before we can commit to developing this idea, we need more input from the community. Your idea has the potential to significantly impact our users, and getting broader feedback will help us understand its full scope and prioritize it effectively.


Here's how you can help:

  • Share your idea: Encourage other Paessler users to view, comment on, and vote for your idea.
  • Elaborate on your suggestion: Add more details, use cases, or examples to your idea description.
  • Engage with comments: Respond to questions and suggestions from other users.


The more engagement your idea receives, the better its chances of being fully implemented.


Thanks for your continued collaboration in making Paessler even better!


Best regards,

The Paessler Product Team

Show previous admin responses (1)

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close
Submitting...
An error occurred while saving the comment
  • Billy Cole commented  ·   ·  Report

    The nature of using openssl to extract the expiry date is fairly straight forward, the problem becomes when the certificate is within a protocol handshake, like SNMP, SQL Server 1433, or within a java keystore, or MS keystore.
    Instead of going after the certificate directly, provide a way to store the certificate on the PRTG core servers, then have a sensor monitor it from there.
    If you want to be very helpful, provide a utility that can be scheduled to go extract the certificate from a web port, or key store, or from a server directory and copy it to the core servers' certificate store.
    This would open up a vast array of certificate monitoring options and would be more performant than querying for the certificate.
    On the sensor, also provide documentation on adding threshold triggers for 60,30, and 7 days left till expiry.

  • AdminAntje Pich (Admin, Paessler) commented  ·   ·  Report

    As an IT Administrator, I want a native PRTG sensor to conveniently monitor the expiration dates of private and SMTP-TLS certificates, eliminating the need for custom scripts. This will ensure I'm proactively alerted to expiring certificates, preventing service disruptions and security vulnerabilities.