Skip to content
POST AI agent ready /v1/ssl-cert/expiry

SSL Certificate Expiry API - Free Certificate Monitor

Queries Certificate Transparency logs for the most recent certificate matching a domain. Returns the issuer name, validity dates, days remaining until expiry, and flags for expired or expiring-soon status. Certificates expiring within 30 days are marked as expiring_soon.

Parameters

stringrequired

Domain to check certificate expiry for.

Code examples

curl -X POST https://api.botoi.com/v1/ssl-cert/expiry \
  -H "Content-Type: application/json" \
  -d '{"domain":"github.com"}'

When to use this API

Build SSL expiry alerting for your domains

Poll this endpoint weekly for each of your domains. When days_remaining drops below 30, send a Slack notification or email to your ops team. Catches renewal failures before users see browser warnings.

Audit third-party service certificates

Monitor SSL expiry on APIs, CDNs, and SaaS tools your application depends on. Get ahead of outages caused by expired certificates on services you do not control.

Compliance reporting for security audits

Generate a weekly report of all domain certificates showing issuer, expiry date, and days remaining. Attach to SOC 2 or ISO 27001 compliance evidence packages.

Frequently asked questions

Where does the certificate data come from?
Certificate details are sourced from Certificate Transparency (CT) logs via crt.sh. CT logs are a public record of all certificates issued by trusted certificate authorities.
What does expiring_soon mean?
The expiring_soon flag is true when the certificate expires within 30 days but has not yet expired. This gives you a warning window to renew.
Can this detect self-signed certificates?
No. Self-signed certificates are not submitted to Certificate Transparency logs. This endpoint only finds certificates issued by publicly trusted CAs.
What if a domain has multiple certificates?
The endpoint returns data for the most recently issued certificate matching the exact domain name. Wildcard certificates are included if the domain matches.
How often should I check?
Daily or weekly is sufficient for most use cases. Certificates typically have 90-day or 1-year validity periods, so checking more frequently than daily adds no value.

Get your API key

Free tier includes 5 requests per minute with no credit card required. Upgrade for higher limits.

Sign up free View full docs