Track Custom Domain Certificates for Serverless APIs

Serverless developers and cloud architects deploying APIs on platforms like AWS Lambda or Vercel often use custom domains. An expired SSL certificate on these domains will render your serverless functions inaccessible, breaking critical application functionalities.

Try free → See pricing

The problem

Serverless architectures, leveraging platforms like AWS Lambda, Google Cloud Functions, or Vercel, frequently expose APIs and web services via custom domains. If the SSL certificate for one of these custom domains expires, your serverless functions become unreachable, returning browser security warnings or API errors. This completely breaks any frontend applications, mobile apps, or third-party integrations that rely on these endpoints, leading to immediate service disruption and a degraded user experience. Managing these certs manually across many functions is prone to oversight.

Consider a critical authentication API built on AWS Lambda and fronted by `auth.your-saas.com`. If its certificate expires, no user can log in, and all dependent services fail. Such an outage is not only frustrating for users but can halt business operations, requiring urgent attention from your development team. The ephemeral nature of serverless often means less direct server management, making proactive certificate monitoring on custom domains even more critical to maintain uptime and reliability.

How Certfly solves it

Monitor SSL certificates for all custom domains linked to your serverless API endpoints.

Receive early warnings for expiring certs, preventing serverless function downtime and API failures.

Ensure continuous, secure access to your serverless applications and microservices.

Concrete example


$ curl -v https://api.your-serverless.com/users\n
*   Trying 203.0.113.5...\n
* Connected to api.your-serverless.com (203.0.113.5) port 443 (#0)\n
* TLSv1.3 (OUT), TLS handshake, Client hello (1):\n
* TLSv1.3 (IN), TLS handshake, Server hello (2):\n
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):\n
* TLSv1.3 (IN), TLS handshake, Certificate (11):\n
*  subject: CN=api.your-serverless.com\n
*  SSL certificate verify ok.\n
< HTTP/1.1 200 OK

Ready to try Certfly?

Watch your TLS certs so you don't have to.

Get started → See pricing

Frequently asked questions

Does Certfly integrate directly with AWS Lambda or Vercel to find domains?

Certfly doesn't directly integrate to discover domains. You simply add your custom domain for each serverless endpoint, and Certfly will monitor its SSL certificate status independently of the underlying serverless platform.

What if my serverless domain uses AWS Certificate Manager (ACM)?

ACM often automates renewals, but monitoring with Certfly provides an additional layer of assurance. It catches issues if ACM fails to renew or if there are misconfigurations that prevent a successful renewal, giving you early warning.

Can I monitor multiple custom domains for different serverless environments (dev, staging, prod)?

Yes, you can add and monitor an unlimited number of custom domains within Certfly. This allows you to track the SSL status of all your serverless endpoints across various development and production stages.