Dependencies: Certificate Expiry
.svg)
.svg)
Description
The Certificate Expiry test opens a secure connection to your dependency, retrieves the certificate chain, and validates that no certificates expire in the next 30 days. If there is no secure connection available, and therefore no certificates, this test will pass.
Why run this Scenario?
Expired certificates can lead to sudden, high-profile outages. Tools like Certbot and ACME (Automatic Certificate Management Environment) helped automate certificate issuance and renewals, but teams still need to stay on top of upcoming expirations. This Scenario helps flag certificates that are expiring soon, giving you time to renew and replace.
- Ensure operational awareness of certificate expirations.
- Validate automation for certificate renewal.
- Reduce outage risk from unnoticed expired certs.
Expected outcomes
If a TLS certificate for a dependency expires, the dependent service will surface clear errors and alert ops immediately.
