Cruip Logo

Never Miss a Cert Expiration

For DevSecOps, InfraOps, and security teams managing internal PKI, mTLS, embedded devices, and air‑gapped systems.

Stop relying on spreadsheets, tribal knowledge, or ad-hoc scripts. Get centralized, real‑time visibility, expiry alerts, and ownership context across all your certificates, internal and external.

Monitor SSL certificates in 2 minutesβ€”no credit card needed

πŸ”§ Track local certs in seconds β€” no agent needed

keymon CLI
# Install keymon CLI
npm install -g keymon

# Verify installation
keymon --version

# Get help
keymon --help

# Set up SSL Guardian Organization ID
export SSL_GUARDIAN_ORG_ID="your-org-id-here"

# Set up SSL Guardian API key
export SSL_GUARDIAN_TOKEN="your-api-key-here"

# Ready to monitor certificates!
keymon --plugin domain --domains example.com
Try it β†’ Sign Up
βœ“ Expiration trackingβœ“ Team notifications
SSL Guardian Dashboard Screenshot
Why SSL Guardian

Prevent downtime before it happens

Professional SSL monitoring with smart alerts, team collaboration, and enterprise integrations. Get started in minutes with our intuitive dashboard.

Workflow 01
πŸ” Auto Discovery

Automatically discover certificates via DNS enumeration and Certificate Transparency logs. Never miss a certificate again.

Workflow 02
πŸ”” Smart Alerts

Multi-channel notifications via Slack, PagerDuty, email, and more. Custom templates and escalation policies prevent alert fatigue.

Workflow 03
πŸ‘₯ Team Ready

Role-based access, unlimited team members, and comprehensive audit trails. Built for DevOps teams and enterprise security.

Enterprise Ready
πŸ›‘οΈ Enterprise Ready

Monitor air-gapped and offline certificates that live in unreachable networks. Zero network exposure with secure metadata extraction.

Key Features

Beyond Public SSL - Monitor Your Entire PKI

SSL Guardian helps DevSecOps and security teams manage all TLS certificates - not just public-facing ones. Track certs in air-gapped systems, mTLS, internal CA, IoT devices, vendor APIs - even those not supported by Let's Encrypt.

Features

Universal Certificate Discovery

  • βœ… Live domains & custom ports
  • βœ… Java keystores (JKS, PKCS#12)
  • βœ… Kubernetes TLS secrets
  • βœ… AWS Certificate Manager
  • βœ… Azure Key Vault
  • βœ… Nginx, PostgreSQL, macOS Keychain

Cloud & Container Integration

  • βœ… AWS ACM multi-region support
  • βœ… Kubernetes namespace monitoring
  • βœ… Docker container certificates
  • βœ… Cloud provider APIs
  • βœ… Infrastructure as Code support

Environment & Group Organization

  • βœ… Organize certs by environments (prod, staging, dev)
  • βœ… Group by teams, services, or business units
  • βœ… Custom tagging & filtering systems

Enterprise Alerts & Escalation

  • βœ… Multi-channel (PagerDuty, Teams, Slack)
  • βœ… Customizable templates & escalation rules
  • βœ… Context-aware alert routing

Compliance-Ready Reports

  • βœ… mTLS coverage & internal CA inventories
  • βœ… Certificate rotation logs
  • βœ… SOC/ISO audit trails

Bank-Grade Security

  • βœ… OAuth/SSO & JWT authentication
  • βœ… 99.9% uptime SLA
  • βœ… SOC 2 compliance (roadmap)
Real Pain Points

When Internal Certificates Fail

These scenarios happen every day in enterprise environments. SSL Guardian prevents them.

Partner API Failure

"Webhook failure: cert expired on partner API β€” alerts came too late. Revenue stopped flowing for 6 hours."

SSL Guardian monitors vendor certificates and alerts before they impact your business.

mTLS Service Breakdown

"Inter-service auth: Dev team didn't know ops team owned certs, expired, caused cascading app failures."

Team ownership mapping prevents orphaned certificates and communication gaps.

IoT Device Fleet

"IoT fleet: 120 embedded devices, certs unknown until token rotations failed. Manual discovery took weeks."

Automated discovery finds certificates in embedded systems and air-gapped networks.

SSL Monitoring Solved

From chaos to confidence in minutes

SSL Guardian eliminates the three biggest pain points in certificate management: missed expirations, alert fatigue, and team coordination failures.

Certificate discovery dashboard
Simple Pricing

Simple, transparent pricing

πŸ’° Get 2 months free with annual billing

Forever Free
$0FREE
Forever free - No credit card required.
Start Free Forever
  • Monitor 3 public certs (no internal visibility)
  • Email notifications
  • 1-day alert window
  • Single user only
  • Community support through Slack
Essentials
$12.00/month
For developers or small teams monitoring internal & public certs
Try This Plan
  • Track up to 20 certificates
  • Email, Slack, Telegram, Google Chat
  • 14, 7, and 1 day notifications
  • Single user
  • Email support
Most Popular
Team
$49.00/month
For teams managing certs across environments
Try This Plan
  • Track up to 150 internal or public certs
  • All Essentials + PagerDuty, Splunk On-Call
  • CLI & API integrations
  • Team ownership tagging
  • Smart notifications with escalation
  • 30, 14, 7, and 1-day alerts
  • Up to 5 team members
  • User roles: Admin & Viewer
  • Priority email support
Enterprise
$199.00/month
Complete certificate observability for security-focused infrastructure.
Start Enterprise Plan
  • Unlimited certificates
  • All Team + Webhook, Zapier
  • Air-gapped collector support
  • Internal CA inventory tracking
  • SOC2 / ISO audit report support
  • Advanced smart notifications
  • Custom notification templates
  • Notification grouping (batch alerts)
  • StatusPage.io integration
  • Unlimited team members
  • Advanced user roles & permissions
  • Dedicated support (Slack, Meet, Phone)

Early Access: Free SSL Monitoring for 12 Months

Limited spots available! Join 50+ teams already preventing SSL certificate outages with automated monitoring and intelligent alerts.
Learn how SSL Guardian prevents outages β†’ Read Blog