C
// BUILT FOR REAL NEEDS

I built CertFleet because the alternatives were too expensive.

I'm Cedric, a developer at MCS. I needed reliable SSL/TLS and uptime monitoring for our own sites and applications. The tools on the market were either bloated observability platforms or charged too much for simple certificate expiry alerts.

Create free account → Try the free checker See pricing How monitoring works
// THE BUILDER

Cedric

Full-stack developer focused on reliable infrastructure and developer experience. I created CertFleet to solve a concrete problem we had at MCS: keeping certificates and uptime under control without paying for an entire observability suite.

The product is intentionally narrow: it does SSL/TLS monitoring + uptime checks extremely well, with generous free tier and fair pricing.

// COMPANY & LOCATION
MCS
5Q Avenue des Naudières
44800 Saint-Herblain, France
MCS is currently in the process of incorporation.
Independently operated from France (near Nantes).
All core services run on Cloudflare's global network.
TLS probe located in Europe (europe-west1).
// ARCHITECTURE

Clear, minimal, and built on modern primitives.

Everything is designed for reliability, low cost, and transparency. No unnecessary services.

High-level system
CertFleet architecture overview: Astro landing, React app, Hono API on Cloudflare connected to D1, KV, external TLS probe in Europe and crt.sh

The only component outside Cloudflare is the passive TLS probe (Workers cannot read the full served X.509 certificate).

Certificate check flow
CertFleet certificate verification flow showing live TLS probe combined with Certificate Transparency logs
Monitoring & alerting loop
CertFleet monitoring and alerting architecture with 1-minute cron, idempotent alerts via email, Slack and webhooks
IN ACTION

Real interfaces

Homepage of CertFleet showing the live fleet timeline of monitored certificates

Real homepage — fleet timeline with live status.

See it live →
Real screenshot of the free SSL Certificate Checker

Free public checker — actual interface.

Try it yourself →
Real screenshot of CertFleet pricing page

Pricing and plans (real UI).

View pricing →
// DATA PROTECTION

RGPD / GDPR compliance

Data controller

MCS (currently being incorporated)
5Q Avenue des Naudières
44800 Saint-Herblain, France

What data we process
  • Public checker: only the hostname you submit (no personal data, rate-limited + protected by Cloudflare Turnstile).
  • Accounts: email address (from password signup or OAuth Google/GitHub), user ID.
  • Monitored resources: the hostnames, ports, and full URLs you explicitly add to monitor (chosen by you).
  • Alert channels: email addresses, Slack webhook URLs, or custom webhook URLs you configure.
  • Technical data: minimal logs for rate limiting, abuse prevention and debugging (IP addresses are not stored long-term for the public checker).
Purposes & legal basis

We process data only to provide the monitoring and alerting service you requested (contract performance) and to prevent abuse. We do not sell data or use it for advertising.

Where data lives
  • Primary storage: Cloudflare D1 (SQLite) and KV — global but with strong privacy controls.
  • Emails sent via Resend (EU-friendly routing when possible).
  • Passive TLS probe: short-lived requests only (hostname in, certificate details out). No storage of your traffic or content.
  • Certificate Transparency data: fetched from public crt.sh (no personal data involved).
Retention & deletion

Check history and monitors are kept as long as the resource is monitored or until you delete it from your account. You can delete domains, monitors, or your entire account at any time from the dashboard. Alerts are idempotent (we track what was already sent to avoid duplicates).

Your rights (RGPD)

You have the right to access, rectify, erase, restrict processing, data portability, and to object. For any request, contact us at the address above or via the support channels in the app. We will respond within legal timeframes.

Security & design choices
  • Passive TLS reading only — we never scan ports or attempt exploitation.
  • Auth sessions stored in KV with short TTL, httpOnly + Secure cookies.
  • Public checker protected by Turnstile + per-IP rate limiting in KV.
  • No unnecessary third-party analytics or trackers on the landing or app.
Last updated: June 2026. This page is part of our commitment to transparency. For any question about data processing, write to us using the contact details above.

Questions about how we build or protect data?

Try the checker Start free account
// EXPLORE MORE
Free SSL Checker (no login) Pricing & plans Why monitor SSL certificates Continuous monitoring explained Privacy & full RGPD policy CertFleet vs Datadog