Operations | Monitoring | ITSM | DevOps | Cloud

We're excited to announce all Oh Dear users now have access to detailed performance metrics for all of their websites! Let us take you through a quick tour of the new performance monitoring.

Some of our users have received reports about their AddTrust External CA Root or USERTrust RSA Certification Authority certificate. The problem occurs because the remote server sends a root certificate in the chain that will expire in less than 14 days. Here are the steps to verify this and a few tips on how to resolve it.

As part of our service, we perform SSL certificate monitoring. We do this slightly different than other providers, which is why were able to detect a problem with the SSL certificates of a large, commercial, CDN provider. In this post, we'll do a technical deep-dive into how we found this problem!

We've introduced two very cool new features to Oh Dear: the ability to temporarily silence alerts and advanced Slack notifications.

We've added the ability to see detailed webhook logs to Oh Dear, showing both the sent request and the received response for all notifications we have sent.

We've added the ability to disable the team-level notification settings on a per-site basis. This allows for even more flexibility in the way you set up and configure your alerts!

When we first launched Oh Dear, we had a fixed certificate expiration timer: 14 days. As soon as the expiration date came within 14 days, we'd start sending a daily reminder to hurry up and renew those certificates. Our first exception was made when Let's Encrypt gained more in popularity. We started notifying Let's Encrypt certificates 7 days before expiration date.

We added a series of improvements to our notifications settings, making it easier for you to control where your alerts are sent.

Yesterday, we sent out notifications to all our clients that are affected by the Let's Encrypt mass revocation of SSL certificates. In this post, we'll share the details how we found those certificates. Now, the morning after, we're well rested and in good shape to do a proper write-up on the matter.

The team at Let's Encrypt, the free certificate authority, has identified an issue that might have lead to unauthorized certificate issuance. Because it's hard to determine which sites have been abused, they have no other choice but to revoke all certificates that may have been maliciously issued. The result is a massive 3,048,289 certificates that will be revoked within the next 24 hours. We've just finished alerting all our users that are affected by this.