Documentation

Complete guides, API references, and tutorials to help you get the most out of SSLytics

Getting Started with SSLytics

Quick Start

Get up and running in minutes

  1. Create your free account
  2. Enter a domain to check
  3. View detailed SSL analysis
  4. Set up monitoring alerts
Start Now
SSL Basics

Understanding SSL certificates

Learn the fundamentals of SSL/TLS certificates, how they work, and why they're essential for web security.

  • Certificate validation process
  • Certificate authority (CA) trust
  • Encryption algorithms and key sizes
  • Certificate chain verification

Key Concepts

Before diving into SSLytics, it's helpful to understand some key concepts related to SSL certificates and security.

SSL (Secure Sockets Layer) certificates, now commonly referred to as TLS (Transport Layer Security) certificates, are digital certificates that authenticate the identity of a website and enable an encrypted connection. These certificates are essential for securing online communications and transactions.

When a website has a valid SSL certificate, it means that the connection between the user's browser and the website's server is encrypted, protecting sensitive information from being intercepted by malicious actors.

There are three main types of SSL certificate validation:

  • Domain Validation (DV): Basic level of validation that only verifies domain ownership.
  • Organization Validation (OV): Intermediate level that verifies both domain ownership and some organization information.
  • Extended Validation (EV): Highest level of validation that requires rigorous verification of the organization's identity and legal status.

The level of validation affects the level of trust users can have in the website and may be important for compliance with certain regulations.

SSL grading is a way to evaluate the security of a website's SSL/TLS implementation. SSLytics uses a grading system similar to SSL Labs, ranging from A+ (excellent) to F (failing).

The grade is determined by several factors:

  • Certificate quality and validity
  • Protocol support (e.g., TLS 1.2, TLS 1.3)
  • Key exchange strength
  • Cipher suite strength
  • Vulnerability to known attacks

A higher grade indicates better security and reduced risk of compromise.

Next Steps

Run Your First Check

Start by checking a domain's SSL certificate to see detailed analysis.

Go to SSL Checker
Set Up Monitoring

Configure real-time monitoring to stay ahead of certificate issues.

Go to Monitoring
Explore API

Integrate SSL monitoring into your applications with our API.

View API Docs

API Reference

Integrate SSLytics into your applications with our REST API

Note: API access is available on Professional and Enterprise plans.

Authentication

curl -H "Authorization: Bearer YOUR_API_KEY" \
  https://api.sslytics.com/v1/check

Check SSL Certificate

POST /v1/check
Content-Type: application/json

{
  "domain": "example.com",
  "includeChain": true,
  "checkVulnerabilities": true
}

Response Format

{
  "domain": "example.com",
  "status": "valid",
  "grade": "A+",
  "certificate": {
    "issuer": "Let's Encrypt",
    "validFrom": "2024-01-01T00:00:00Z",
    "validTo": "2024-04-01T00:00:00Z"
  },
  "security": {
    "tlsVersion": "1.3",
    "vulnerabilities": []
  }
}

Endpoints

Endpoint Method Description
/v1/check POST Check SSL certificate for a single domain
/v1/bulk-check POST Check SSL certificates for multiple domains
/v1/results GET Get all SSL check results
/v1/results/{id} GET Get a specific SSL check result
/v1/monitors GET/POST List or create monitoring rules
/v1/alerts GET Get all monitoring alerts

Rate Limits

API rate limits depend on your subscription plan:

  • Professional: 100 requests per hour
  • Enterprise: Custom limits based on your needs
Get API Key

Guides & Tutorials

Setting Up Monitoring

Complete guide to certificate monitoring

Learn how to set up comprehensive monitoring for your SSL certificates with custom alert rules and notifications.

Read Guide
Compliance Reporting

Generate compliance reports

Create detailed compliance reports for GDPR, HIPAA, PCI DSS, and other industry standards.

Read Guide
Bulk Operations

Managing multiple certificates

Efficiently manage hundreds of domains with bulk operations, automated checks, and batch reporting.

Read Guide
API Integration

Integrating with your workflow

Integrate SSL monitoring into your CI/CD pipeline and infrastructure monitoring tools.

Read Guide

Best Practices

  • Centralized Inventory: Maintain a centralized inventory of all SSL certificates across your organization.
  • Renewal Process: Establish a clear process for certificate renewal with sufficient lead time (at least 30 days before expiration).
  • Automation: Automate certificate deployment and renewal where possible to reduce human error.
  • Key Management: Implement secure key management practices, including proper key storage and rotation.

  • Modern Protocols: Use TLS 1.2 or TLS 1.3, and disable older protocols (SSL 3.0, TLS 1.0, TLS 1.1).
  • Strong Ciphers: Configure servers to use strong cipher suites and disable weak ciphers.
  • Perfect Forward Secrecy: Implement PFS to ensure that session keys cannot be compromised even if the private key is compromised.
  • HSTS: Enable HTTP Strict Transport Security to force secure connections.

  • Continuous Monitoring: Implement continuous monitoring of certificate validity, expiration, and security configuration.
  • Alert Thresholds: Set appropriate alert thresholds for certificate expiration (e.g., 90, 60, 30, 7 days).
  • Incident Response Plan: Develop and test an incident response plan for certificate-related issues.
  • Backup Certificates: Have backup certificates ready for critical services in case of compromise or unexpected issues.

Code Examples

Example: Basic SSL Check

Simple certificate validation

# Check SSL certificate for a domain
curl -X POST https://api.sslytics.com/v1/check \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"domain": "example.com"}'
Example: Bulk Domain Check

Check multiple domains at once

# Bulk check multiple domains
curl -X POST https://api.sslytics.com/v1/bulk-check \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "domains": [
      "example.com",
      "subdomain.example.com",
      "another-domain.com"
    ]
  }'
Example: Monitor Setup

Configure automated monitoring

# Set up monitoring for a domain
curl -X POST https://api.sslytics.com/v1/monitors \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "domain": "example.com",
    "checkInterval": "daily",
    "alerts": {
      "expiration": 30,
      "vulnerabilities": true
    }
  }'

Client Libraries

PHP

Use our official PHP client library to integrate with SSLytics. 

composer require sslytics/php-client
View on GitHub
JavaScript

Use our official JavaScript client for browser and Node.js. 

npm install sslytics-js
View on GitHub
Python

Use our official Python client library for easy integration. 

pip install sslytics
View on GitHub
Need help? If you have any questions or need assistance with integration, please contact our support team.