Hacker Timesnew | past | comments | ask | show | jobs | submitlogin

I made a site that checked for SSL cert expirations and misconfigurations, but I couldn't acquire any customers. I still think there's a business there somewhere, although maybe it really only sells as part of another product.

Edit: If anyone wants a script to check their certificates, here you go: https://gist.github.com/bretwalker/5420652. You'll just need to add in some sort of notification logic, especially for expirations, since they need to happen before a problem arises.



Sounds like something you could license to companies to use as a lead generation tool - like HubSpot's Marketing Grader http://marketing.grader.com/


That's a very interesting idea, Simon, and one that didn't even cross my mind.

I've since moved on to a new project. If anyone wants to talk about taking over the site, shoot me a message at bretwalker /at/ Google's email. It's Django and has some branding and a domain: http://static.nyquistrate.com.s3.amazonaws.com/media/certcia...


Stackify created this exact thing after the last time this happened with MS Azure about 2 months ago. It's called certalert.me (http://certalert.me) and is a free service.

It's not a huge business, but it was almost trivial to setup with all the advanced monitoring & diagnostics that stackify typically does anyway.


Very useful. It's not a super hard problem to solve, but I did think it provided enough value that companies would be willing to pay for it. SSL is used on the most important pieces of a business' infrastructure, I thought it'd be a simple sell.

I also can't tell if certalert.me checks for hostname mismatches. That was another part of my service, because a misconfiguration is just as fatal as an expired certificate.


Out of curiosity.. how much money were you trying to charge for the service?


I think $5 for 5 sites, $10 for 15 and $20 for 50.


The sad thing is that SCOM can monitor for pending certificate expiration and validity. If Microsoft dogfooded a little more, they might have seen this.


Venafi[1] has made a pretty good business out of cert management.

1. http://www.venafi.com/solutions/ssl-certificate-management/


I usually put a check for "SSL certificate expires in less than 30 days" in the NMS. There is certainly a market for network monitoring as a service and this is a useful check to have in one.


Here's a free service that makes auto-updating iCal calendars from SSL and domain expirations: http://domainical.org/



Which protocols do you support besides https? imap or pop with tls perhaps?


Yes, IMAP and POP were supported: https://gist.github.com/bretwalker/5420652




Consider applying for YC's Fall 2026 batch! Applications are open till July 27.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: