SSLBoard - Frequently Asked Questions

What problem does SSLBoard aim to solve?

SSLBoard aims to solve the widespread issue of SSL certificate expirations causing website outages and security vulnerabilities. It addresses the complexity and difficulty of manually tracking and managing numerous SSL certificates across various domains, hosts, and CAs, especially in large-scale environments. The platform's goal is to become the best SSL monitoring tool by providing a comprehensive, smart, scalable, and agentless solution to prevent these problems.

Is SSLBoard an uptime monitoring tool?

No, SSLBoard is not yet another uptime monitoring tool.
It is a tool for auditing your SSL certificates and helping you understand your SSL configuration. Certificates can be used or unused, or deployed to multiple hosts, and hosts can use multiple certificates, they can have multiple IPs and ports! Without a proper too, you can't really understand how your certificates are used. SSLBoard makes it easy to understand your whole SSL configuration.

Do I have to add every host in my organization to SSLBoard?

No, you will only need to give us your domain names, and SSLBoard will automatically find all the hosts and IPs for you.
We can't guess the hostnames when you're using wildcard certificates though, so you'll have to add those manually, as well as TCP ports if you're using non-standard ports. You'll be set in minutes.

How does SSLBoard discover and track SSL certificates?

SSLBoard employs multiple methods for comprehensive certificate discovery and tracking. It continuously scans Certificate Transparency logs, processing over 10 million new certificates daily. Additionally, it actively scans servers daily to identify which certificates are actually deployed and in use, providing quasi real-time updates for new certificates. This agentless approach means no software needs to be installed on the user's servers. It supports monitoring subdomains and can scan from various locations, including Google Cloud Europe/USA and fixed European IP addresses.

What key features does SSLBoard offer to prevent certificate-related outages and issues?

- Expiration Management: It tracks all expiration dates, flags expired certificates still in use, and identifies missing replacements.
- Deployment Drift Detection: It catches inconsistencies in certificate deployments across load balancers, IPv4/IPv6, or different key types, highlighting stale or delayed deployments and showing transitions in a timeline.
- Revocation Checks: It performs OCSP checks for revoked certificates that are still deployed.
- TLS Quality Audits: It identifies weak ciphers and outdated TLS versions, with whitelisting support.
- Notifications: Users receive expiration notifications via email and webhooks, with integrations for Zapier and n8n.
- Calendar Views: It provides a visual calendar of expiring certificates in use, and allows ICS calendar subscriptions for Google, Outlook, and Apple Calendars

Will I receive alerts every time a certificate expires or is renewed?

No, SSLBoard will only notify you for certificate that are actually used, cutting the noise and keeping you focused on the important stuff.
When everything is working fine as expected, you won't receive any alerts.

How does SSLBoard simplify the user experience and management of certificates?

SSLBoard is designed for ease of use and streamlined management. It features a modern, user-friendly dashboard with detailed drill-downs, allowing users to quickly see the complexity of their SSL certificates. It offers search, sorting, and filtering capabilities by various fields. Users can add tags and comments to certificates and hostnames, and hide unused or expired assets. The platform also provides organization and user management for inviting team members and managing roles, and allows data export to Excel for reporting.

What makes SSLBoard agentless and why is that important?

SSLBoard is agentless because it does not require any software or agents to be installed on the user's servers or infrastructure for certificate monitoring. This is important for several reasons: it eliminates integration headaches, reduces the attack surface by not adding more software to critical systems, simplifies setup (zero ops), and ensures a clean separation between monitoring and certificate issuance, giving users freedom over their Certificate Authority (CA) choices and avoiding vendor lock-in.

Can SSLBoard scale to accommodate large organizations with many certificates?

Yes, SSLBoard is designed to be highly scalable and fast. It can effectively manage and monitor anywhere from a few dozen to tens of thousands of certificates per domain. The platform is built to handle large fleets, with data loading in seconds, making it suitable for growing businesses and large enterprises with extensive certificate inventories.

What is the "Change Log" and why is it important for users?

The Change Log is a publicly accessible record of new features, updates, bug fixes, and performance enhancements introduced to the SSLBoard platform over time. It provides transparency into the product's development, showing users how SSLBoard is continuously evolving to meet its goal of being the best SSL monitoring tool and solving the SSL expiration problem. For users, it's important because it allows them to track new functionalities, understand improvements, and stay informed about the latest capabilities of the service they are using.

How does SSLBoard handle my data and respect my privacy?

SSLBoard is using exclusively data that is publicly available through Certificate Transparency logs, and TCP/TLS requests.
We do not collect any sensitive data, and we do not profile you or your organization.
We do however send requests to your servers to see which certificates they're serving and if they're set up correctly.