When SSL certificate issues go undetected, they can expire, break trust chains, or mismatch domain names—causing service disruptions before you have a chance to respond. Domain name monitoring sends alerts through your preferred channel the moment an anomaly is detected, giving you time to act before users are affected. Supported channels include email, internal message, DingTalk, WeCom, and Lark.
Supported events
The following events trigger notifications:
| Event | Description |
|---|---|
| Failure to enable domain name monitoring | Monitoring could not be activated for the domain |
| SSL certificate expiration | The SSL certificate has expired |
| Upcoming SSL certificate expiration | The SSL certificate is approaching its expiration date |
| Incomplete certificate chain | The certificate chain is missing one or more intermediate certificates |
| Domain name and certificate mismatch | The certificate does not cover the monitored domain name |
| Anomaly recovery notification | A previously detected anomaly has been resolved |
Prerequisites
Before you begin, ensure that you have:
An Alibaba Cloud account with access to Certificate Management Service
At least one domain name added to Public Domain Name Monitoring
Configure notifications
Log in to the Certificate Management Service console.
In the left-side navigation pane, choose Certificate and Domain Application Services > Notification.
On the Public Domain Name Monitoring tab, find the domain name you want to configure, and click Edit in the Actions column.
In the Edit Notification panel, turn on the
switch to enable notifications. Configure the following parameters, then click OK.Parameter Description Contact The contact who receives notifications Notification Method The channel used to deliver notifications: email, internal message, DingTalk, WeCom, or Lark Anomaly Time The time at which the anomaly was detected
What to do after receiving a notification
Check which event triggered the notification and take the appropriate action:
| Event | Action |
|---|---|
| SSL certificate expiration | Renew the certificate immediately to restore service |
| Upcoming SSL certificate expiration | Renew the certificate before it expires to prevent service interruption |
| Incomplete certificate chain | Re-deploy the certificate with the complete chain, including all intermediate certificates |
| Domain name and certificate mismatch | Verify that your certificate covers the affected domain name, or reissue a certificate that matches |
| Anomaly recovery notification | No action required. A previously detected issue has been resolved |