**Account Registration**

Get started with CertAlert's SSL certificate monitoring platform.

**Sign Up Process:**
1. Visit certalert.pro and click "Get Started"
2. Choose your email and password
3. Verify your email address (check spam folder if needed)
4. Complete your profile with contact information

**Subscription Plans Available:**
• **Free**: 5 domains, 24-hour monitoring, email notifications
• **Starter ($7/month)**: 25 domains, 6-hour monitoring, API access, teams
• **Professional ($19/month)**: 100 domains, 1-hour monitoring, all notifications
• **Business ($49/month)**: 500 domains, 15-minute monitoring, unlimited features

**Account Security:**
• Strong password with 8+ characters required
• Secure session management with automatic logout
• Account activity tracking and audit logs
• Session revocation capabilities

**Pro Tip:** Start with the Free plan to test with your 5 most critical domains, then upgrade based on your needs.

**Domain Setup**

Add domains to start monitoring their SSL certificates.

**Adding Domains:**
1. Navigate to Dashboard → Domains → "Add Domain"
2. Enter domain name (example.com - no https:// or www)
3. Add relevant tags for organization (production, api, critical)
4. Click "Add Domain" to begin monitoring

**Domain Format Requirements:**
• ✅ Correct: example.com, api.example.com, app.company.com
• ❌ Incorrect: https://example.com, www.example.com/, example.com/path

**Initial Certificate Check:**
• CertAlert performs immediate certificate discovery
• First check usually completes within 1-2 minutes
• Domain status changes from PENDING to ACTIVE when successful
• Certificate details appear in dashboard

**Domain Tagging:**
Organize domains with meaningful tags:
```bash
# Examples of useful tags
production, staging, development    # Environment
api, web, database, cdn            # Service type  
critical, high, medium, low        # Priority level
team-backend, team-frontend        # Team ownership
customer-facing, internal          # Visibility
```

**Troubleshooting First Domain:**
• **Connection timeout**: Check if port 443 is accessible
• **Certificate not found**: Verify domain has valid SSL certificate
• **DNS resolution error**: Ensure domain resolves correctly
• **Invalid certificate**: Self-signed certificates show as INVALID status

**Manual Certificate Check:**
Force immediate certificate check if needed:
```bash
# Via API (requires Starter+ plan)
POST /api/domains/{domainId}/check

# Via Dashboard
Domain Details → "Check Now" button
```

**Monitoring Configuration**

Customize monitoring frequency and alert thresholds based on your needs and subscription plan.

**Monitoring Frequencies by Plan:**
• **Free Plan**: 24 hours (daily checks)
• **Starter Plan**: 6 hours (4 times daily) 
• **Professional Plan**: 1 hour (hourly checks)
• **Business Plan**: 15 minutes (rapid monitoring)

**Default Alert Thresholds:**
CertAlert uses these default alert thresholds: [30, 14, 7, 3, 1] days before expiration

**Customizing Alert Thresholds:**
```bash
# Conservative approach for stable systems
alertThresholds: [30, 14, 7]

# Aggressive approach for critical systems  
alertThresholds: [45, 30, 14, 7, 3, 1]

# Development/testing systems
alertThresholds: [14, 7, 1]
```

**Domain Monitoring Settings:**
1. Go to Domain Details → Monitoring Settings
2. Adjust check frequency (within plan limits)
3. Configure alert thresholds
4. Enable server health monitoring (Starter+ plans)
5. Save settings

**Server Health Monitoring (Starter+ Plans):**
• Monitors HTTP/HTTPS response
• Tracks response time and uptime
• Detects server downtime and recovery
• Configurable retry attempts

**Enable Server Health:**
```bash
# Via Domain Settings
serverHealthEnabled: true
serverRetryAttempts: 3
```

**Monitoring Best Practices:**
• Use shorter intervals for critical production systems
• Set longer intervals for development/testing domains
• Enable server health for customer-facing services
• Tag domains by priority for easier management

**Notification Configuration**

Configure multiple notification channels to ensure you never miss certificate expiration alerts.

**Available Notification Channels:**

**Email (All Plans):**
• Default notification method
• Multiple recipients supported
• HTML formatted messages
• Reliable delivery guaranteed

**Slack Integration (Starter+ Plans):**
1. In Slack: Apps → Incoming Webhooks → Add to Slack
2. Choose target channel (#alerts, #devops)
3. Copy webhook URL
4. In CertAlert: Domain Settings → Notifications → Slack
5. Paste webhook URL and test connection

**Microsoft Teams Integration (Professional+ Plans):**
1. Teams → Channel → Connectors → Incoming Webhook
2. Configure webhook name: "CertAlert"
3. Copy webhook URL
4. Configure in CertAlert domain settings

**Discord Integration (Professional+ Plans):**
1. Discord → Channel Settings → Integrations → Webhooks
2. Create webhook named "CertAlert"
3. Copy webhook URL and configure in CertAlert

**SMS Notifications (Professional+ Plans):**
1. Account Settings → Notifications → Phone Number
2. Enter international format: +1 555 123 4567
3. Verify via SMS code
4. Configure per-domain SMS settings
5. Use "Critical Only" mode to minimize costs

**Custom Webhooks (Starter+ Plans):**
• Integrate with PagerDuty, OpsGenie, JIRA
• HMAC signature authentication
• Configurable HTTP methods
• Custom payload structure

**Notification Setup Examples:**

**Critical Production System:**
```bash
{
  "emailEnabled": true,
  "emailRecipients": ["devops@company.com", "oncall@company.com"],
  "emailThreshold": [30, 14, 7, 3, 1],
  
  "slackEnabled": true,
  "slackThreshold": [14, 7, 3, 1],
  
  "smsEnabled": true,
  "smsThreshold": [3, 1]
}
```

**Development System:**
```bash
{
  "emailEnabled": true,
  "emailRecipients": ["developers@company.com"],
  "emailThreshold": [14, 7, 1],
  
  "slackEnabled": false,
  "smsEnabled": false
}
```

**Testing Notifications:**
Test notification channels after configuration:
```bash
# Test single channel
POST /api/notifications/test
{
  "channel": "slack",
  "domainId": "your-domain-id"
}

# Test multiple channels
POST /api/notifications/test/multiple
{
  "channels": ["email", "slack"],
  "domainId": "your-domain-id"
}
```

**Team Management**

Collaborate with team members on certificate monitoring with role-based access control.

**Creating Your First Team:**
1. Navigate to Teams → "Create Team"
2. Enter team name: "DevOps Team"
3. Add team description
4. Save team settings

**Inviting Team Members:**
1. Team Details → Members → "Invite Member"
2. Enter colleague's email address
3. Select appropriate role (ADMIN, MEMBER, VIEWER)
4. Send invitation
5. Member receives email invitation to join

**Team Roles:**

**OWNER**
• Full control including billing and team deletion
• Can manage all team members and domains
• Subscription holder role

**ADMIN**
• Domain management (create, edit, delete)
• Invite and manage team members
• Configure monitoring and alert settings
• Cannot access billing or delete team

**MEMBER**
• View team domains and certificates
• Perform manual certificate checks
• View alerts and notifications
• Cannot modify settings or invite users

**VIEWER**
• Read-only access to team domains
• View certificate status and history
• Cannot perform any actions
• Ideal for stakeholders and reporting

**Team Domain Assignment:**
1. Go to Domain Details → Team Settings
2. Assign domain to team
3. Team members inherit access based on role
4. Domain-level permissions override team permissions

**Team Member Limits by Plan:**
• **Free**: No teams available
• **Starter**: Up to 5 team members
• **Professional**: Up to 15 team members
• **Business**: Up to 50 team members

**Team Workflow Example:**
1. DevOps team monitors production certificates
2. Certificate expires in 7 days (automatic alert)
3. Slack notification sent to team channel
4. Team ADMIN assigns renewal task to MEMBER
5. MEMBER coordinates certificate renewal
6. Team verifies successful renewal in CertAlert

**Best Practices:**
• Create teams based on functional areas (DevOps, Security, Frontend)
• Use VIEWER role for managers and stakeholders
• Assign domains to appropriate teams
• Regular access reviews for team membership

**API Integration**

Integrate CertAlert with your existing infrastructure using the REST API.

**Getting API Access:**
1. Account Settings → API Keys → "Create API Key"
2. Enter descriptive name: "Production Monitoring"
3. Set expiration date (recommended: 1 year)
4. Copy API key (starts with 'ca_')
5. Store securely in environment variables

**API Authentication:**
```bash
# Using X-API-Key header (recommended)
curl -H "X-API-Key: ca_your_api_key" \
     https://api.certalert.pro/domains

# Using Authorization header
curl -H "Authorization: Bearer ca_your_api_key" \
     https://api.certalert.pro/domains
```

**Basic API Operations:**

**Add Domain via API:**
```bash
curl -X POST https://api.certalert.pro/domains \
  -H "X-API-Key: ca_your_api_key" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "api.example.com",
    "tags": ["production", "api", "automated"]
  }'
```

**List Domains:**
```bash
curl -H "X-API-Key: ca_your_api_key" \
     https://api.certalert.pro/domains
```

**Get Expiring Certificates:**
```bash
curl -H "X-API-Key: ca_your_api_key" \
     "https://api.certalert.pro/certificates/expiring?days=30"
```

**Bulk Domain Import:**
```bash
# Create domains.csv file:
# domain,tags
# app1.company.com,"production,web"
# app2.company.com,"production,api"

curl -X POST https://api.certalert.pro/domains/bulk-import \
  -H "X-API-Key: ca_your_api_key" \
  -F "file=@domains.csv"
```

**CI/CD Integration Example:**
```yaml
# GitHub Actions workflow
name: Add Domain to Monitoring
on:
  deployment:
    
jobs:
  add-domain:
    runs-on: ubuntu-latest
    steps:
    - name: Add deployed domain
      run: |
        curl -X POST https://api.certalert.pro/domains \
          -H "X-API-Key: ${{ secrets.CERTALERT_API_KEY }}" \
          -H "Content-Type: application/json" \
          -d '{
            "name": "${{ github.event.deployment.environment }}.company.com",
            "tags": ["production", "ci-cd"]
          }'
```

**Python Integration Example:**
```python
import requests

api_key = "ca_your_api_key"
headers = {"X-API-Key": api_key}

# Add domain
response = requests.post(
    "https://api.certalert.pro/domains",
    headers=headers,
    json={
        "name": "new-api.company.com",
        "tags": ["production", "api"]
    }
)

domain = response.json()
print(f"Added domain: {domain['name']}")
```

**API Security:**
• Store API keys in secure environment variables
• Never commit API keys to source control
• Use separate keys for different environments
• Monitor API key usage in account settings
• Rotate keys annually

**Understanding Your Dashboard**

Navigate the CertAlert dashboard to monitor your SSL certificates effectively.

**Dashboard Sections:**

**Overview Cards:**
• Total domains being monitored
• Healthy certificates count
• Certificates expiring soon (30 days)
• Expired certificates requiring attention

**Expiring Certificates Timeline:**
• Shows next 5 certificates expiring
• Color-coded by urgency (red: critical, yellow: warning)
• Direct links to certificate details
• Days remaining countdown

**Recent Alerts:**
• Latest certificate and server alerts
• Alert type and timestamp
• Affected domain information
• Alert acknowledgment status

**Quick Actions:**
• Add new domain
• Test notifications
• View certificate details
• Access team settings

**Domain Management:**
• Complete domain listing with pagination
• Filter by status, tags, or team
• Search by domain name
• Bulk actions for multiple domains

**Certificate Details:**
• Certificate subject and issuer
• Validity dates and expiration countdown
• Certificate chain information
• Raw certificate viewing
• Historical certificate changes

**Next Steps for Growth:**

**Immediate Actions (First Week):**
1. Add your 5 most critical domains (Free plan)
2. Configure email notifications
3. Test notification delivery
4. Review certificate expiration timeline
5. Set up appropriate alert thresholds

**Short-term Goals (First Month):**
1. Consider upgrading to Starter plan for API access
2. Set up Slack integration for team notifications
3. Create teams and invite colleagues
4. Implement server health monitoring
5. Configure webhooks for automation

**Long-term Strategy (First Quarter):**
1. Upgrade to Professional plan for comprehensive monitoring
2. Implement SMS notifications for critical alerts
3. Integrate with CI/CD pipelines
4. Set up comprehensive webhook automation
5. Establish certificate renewal processes

**Pro Tips:**
• Use domain tags consistently for better organization
• Set up multiple notification channels for redundancy
• Test notifications monthly to ensure delivery
• Monitor notification health status regularly
• Document your certificate management processes

**Getting Help:**
• Documentation: Complete API and feature documentation
• Email Support: support@certalert.pro
• Contact Form: Available in account settings
• Feature Requests: Use contact form for suggestions

**Monitoring Best Practices:**
• Start with conservative alert thresholds
• Enable server health for production domains
• Use teams for access control and collaboration
• Implement API automation for scale
• Regular review of certificate inventory

**Plan Upgrade Considerations:**
• **Starter Plan**: When you need more than 5 domains or API access
• **Professional Plan**: When you need SMS alerts or 100+ domains
• **Business Plan**: For enterprise scale (500+ domains) and fastest monitoring

Your SSL certificate monitoring journey starts here. CertAlert provides the tools and automation to prevent certificate-related outages and maintain secure communications across your infrastructure.