ASM verify certificate did not notify on expired certificate

Article ID: 137621

Products

CA App Synthetic Monitor

Issue/Introduction

The verify certificate option is activated for most HTTPS monitors.

Recently the certificate of one application expired, but no warning message was received.

What could explain this?

 

Environment

Release : 10.1

Component : CA APP SYNTHETIC MONITOR (WATCHMOUSE)

Cause

The validity of the certificate chain is verified at the station level.

However, the checks for certificate expiry come from the ASM core application servers, not from the public stations or OPMS.

If the remaining certificate validity is 21, 14, 7, 3, 2 or 1 days, we send an alert.

Resolution

Port 443 must be open, and access must be configured, so that our core app servers can retrieve the certificate and check its validity and expiry. This is in addition to any configuration or whitelisting that allows our public stations to check the availability of the site.

We will endeavor to keep this article updated, but we suggest that you contact us if you are not receiving certificate expiry emails for sites that are not automatically available to the Internet and you have allowed these IPs to reach the site on port 443.
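Because a blocked port 443 leaves the expiry check with no certificate to read, an independent check run by the site owner is a useful backstop. The following is an added example, not code from ASM or from this article's author; the function names are hypothetical, the alert days are the ones listed above, and it tests reachability only from the host it runs on, not from the ASM core servers.

```python
import socket
import ssl
import sys
from datetime import datetime, timezone

# Remaining-validity days on which the article says an alert is sent.
ALERT_DAYS = (21, 14, 7, 3, 2, 1)


def days_remaining(not_after, now):
    """Whole days between `now` and a getpeercert()-style notAfter string."""
    expiry = datetime.fromtimestamp(ssl.cert_time_to_seconds(not_after), tz=timezone.utc)
    return (expiry - now).days


def classify(not_after, now):
    """Map a notAfter value onto the article's alert schedule."""
    left = days_remaining(not_after, now)
    if left < 0:
        return "expired"
    if left in ALERT_DAYS:
        return "alert-day"
    return "inside-window" if left < max(ALERT_DAYS) else "ok"


def check(host, port=443, timeout=5.0):
    """Fetch the served certificate and classify it.

    An unreachable port is reported separately: that is the condition under
    which an external expiry checker has no data and stays silent.
    """
    ctx = ssl.create_default_context()
    try:
        with socket.create_connection((host, port), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=host) as tls:
                not_after = tls.getpeercert()["notAfter"]
    except ssl.SSLCertVerificationError as exc:
        # Covers an already-expired certificate as well as chain or name errors.
        return f"verify-failed: {exc.verify_message}"
    except OSError as exc:
        return f"unreachable: {exc}"
    return classify(not_after, datetime.now(timezone.utc))


if __name__ == "__main__":
    for name in sys.argv[1:]:
        print(name, check(name))
```

Run it from a scheduler with the monitored hostnames as arguments and treat any result other than `ok` as something to investigate.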

Additional Information

A note on the recipients of the expiry email.

  • If there are alert contacts configured for the monitor, these people will receive the certificate expiry email.
  • If there are no alert contacts configured for the monitor, the certificate expiry email will be sent to the master account email address.