KeyChest of Enigma Bridge is a certificate expiry monitoring service. It uses internet databases and checks configuration of your servers. KeyChest dashboard gives you all the information you need for operational teams, as well as performance charts (KPIs).
KeyChest can enroll all your servers and domain names within minutes. It will also continuously discover new certificates within domain names you set as "Active Domain". It is how we believe monitoring should work - automatically.
Note: This free service running KeyChest Professional only imposes "fair-use" limits so you can use it to monitor even thousands of your certificates. It will check status HTTPS servers, but also web applications using the TLS protocol.
just paste your domain, no registration
register with email or social account
Our main goal with KeyChest is to encourage the use of HTTPS by improving the management experience. The single most important downside of using certificates and HTTPS is that websites and web services become unavailable once their certificates expire. The growing number of people using Let's Encrypt certificates with just 3 months' validity makes the problem ever more visible.
There is no point in discussing the security if your online business or service is not running.
While KeyChest doesn't solve (yet) the problem of certificate renewal, it helps its users to plan related operational tasks (certificate renewal, deployment, or application restarts). It also gives you piece of mind that you didn't forget any of your services by providing a dashboard with all the information in one place.
We are now also working on the KeyChest Enterprise for use within large organizations, or where there is a team managing certificates. This version is going to be available as managed service instances hosted either in a public cloud, or within clients' networks. A natural progression is to start actively managing certificates from dedicated instances. We have already built our cloud encryption service with secure hardware to manage keys and our current task is to extend the capabilities to support different types of clients and environments.
We want to help the community to use HTTPS so that the enhanced security also improves the quality of your business and our internet experience. Our free service at KeyChest.net uses KeyChest Professional and our aim is to keep it free.
Our business model is built around KeyChest Enterprise and dedicated instances of KeyChest Professional. They can be hosted in Amazon cloud, on your internal server(s), or elsewhere (needs prior agreement).
KeyChest Enterprise adds features useful for teams, and large companies:
API - essential API will be available in Professional version - see the roadmap.
Enterprise networks scanning.
We have a simple pricing structure based on the number of users and independent scanners only.
KeyChest Professional - $1,000/year or $100/month
KeyChest Enterprise (with 2 users) - $2,000/year or $200/month, with each additional scanner at $100/month and user at $40/month
If you have a question, please get in touch with our support.
The following table compares features of KeyChest Professional with Letsmonitor.org and certificatemonitor.org.
Spot check is a powerful tool for a quick assessment of the SSL/TLS configuration of your servers.
It resolves the name of a server you provide and runs a series of tests against one of the IP addresses. It does not follow HTTP redirects, but it shows if one is in place so you can follow the link manually. If there are more IP addresses you can see the list and use it to check a particular IP address, if appropriate.
The list of spot check tests:
Possible errors returned by the TLS/HTTPS scanner are:
If you are not sure the results you can see are correct, or have any other question, please let us know at support @ enigmabridge.com or use a support form to get in touch.