Skip to main content
Alerts

Troubleshooting alerts

Why you might not be getting alerts you expect — and how to fix it.

If CertShield doesn’t seem to be alerting you, walk through this checklist. Nine out of ten cases land in the first two items.

1. Check the Event History tab

Open Alerts → Event History. Was the alert even created? The answer tells you which half of the pipeline to debug.

  • Yes, the alert is there with status “Sent” — CertShield delivered it. The problem is downstream (spam filter, wrong inbox, Slack webhook pointing to the wrong channel). Keep reading.
  • Yes, status “Failed” — CertShield tried to deliver it and the channel rejected it. Click the event for the error message.
  • Yes, status “Deferred”Quiet hours are in effect. The alert will go out when the window ends.
  • Yes, status “Pending” — the alert is queued. Give it a minute and refresh.
  • No, nothing at all — the rule didn’t fire. Check whether the rule is actually enabled on the Alert Settings tab.

2. Is the rule enabled?

Go to Alert Settings and make sure the category you expected to fire is toggled on, and that at least one delivery channel (Email or Slack) is enabled on it. A rule with zero channels will happily “fire” and still not notify anyone.

The Send test button on each rule delivers a test notification to every currently-enabled channel. Use it to confirm end-to-end.

3. Check your email spam folder

The most common root cause for “I didn’t get an email alert.” CertShield sends from a consistent sender — once you mark one email as “not spam,” future ones should land in your inbox. Adding the sender to your allow-list helps too.

4. Check your Slack webhook

If Slack alerts stopped working, the usual culprit is a webhook that was revoked or deleted in Slack. Open Settings → Integrations, click your Slack integration, and hit Test. If it fails, generate a new webhook in Slack and update it in CertShield.

5. Check your expiry thresholds

For endpoint expiry alerts specifically: the rule only fires when the certificate crosses one of the thresholds you have enabled. If you disabled the 14-day threshold and only left 7 and 1 on, you won’t hear about the 14-day warning. Go back and toggle on the thresholds you want.

6. Check auto-escalation (Pro and Business only)

On Pro and Business plans, CertShield can automatically escalate a domain’s scan priority when its certificates enter the renewal window. This makes endpoint checks more frequent — which means alerts fire sooner if something goes wrong. If you’re on one of these plans and escalation isn’t happening, it may be that no certificate on the domain is within the renewal window yet.

Still stuck

Hit the Support page in the app, pick “Bug report” as the category, and include:

  • The domain or endpoint you expected to be alerted about.
  • The specific alert type (expiry, unauthorized issuer, etc.).
  • The approximate time you expected the alert.
  • A screenshot of the Event History for that time range, if you can.

We’ll dig in.

What’s next

← Back to Help Center Contact support