NEW Free · Microsoft Teams Workflows · Power Automate
Microsoft Teams SSL Certificate Alerts
Send SSL certificate expiry reminders to any Microsoft Teams channel using the current Workflows / Power Automate webhook path. Build the Teams webhook trigger, post Certimon's card into the channel, and keep 30 / 7 / 1-day reminders out of shared inboxes.
Why route SSL expiry alerts into Microsoft Teams
If your SRE, platform, or web team already lives in Microsoft Teams, that is where outage-prevention signals belong. Email alerts get caught by spam filters and shared-inbox triage delay. A Teams card lands in the same channel as your deploy and on-call notifications, with @mentions, threaded follow-up, and mobile push out of the box.
Certimon delivers to Microsoft Teams through the official Workflows (Power Automate) webhook trigger. The current Teams UI may send you through Workflows first and then into Power Automate to build the flow from scratch.
Pair the Teams destination with Telegram delivery in the same alerting rule so the same expiry crossing reaches both the channel and the on-call engineer's phone — without configuring two separate monitors.
Certificate expiry reminders in Microsoft Teams
Microsoft Teams does not watch your TLS certificates. It does not know when api.example.com renews, when the Let's Encrypt cron stalls, or when a vendor certificate quietly drops off a load balancer. To get certificate expiry reminders into Teams, you need an external monitor that does the polling and posts the result into a channel. That is exactly what Certimon does: the scheduler runs the TLS handshakes on its side, evaluates each domain against your reminder windows, deduplicates per destination, and POSTs a card into the Workflows / Power Automate webhook your channel owns.
Reminder windows are configured per alerting rule, not per destination. The default 30, 7, 1 day setup gives you one card four weeks out (plenty of time to chase a renewal), one card a week before (the on-call engineer's last sane warning), and one card the day before (the cannot-ignore card). You can use any list of integer days, and the per-destination ledger prevents the same domain from posting the same threshold twice — useful when one rule fans out to multiple channels or when you re-attach a rule after editing it.
A quick verification tip: after pasting the webhook URL into Certimon, run Send test message from the destination screen before you attach any rules. Power Automate flows fail silently on the sender side, and a broken webhook caught at setup-time is much cheaper than one caught when a real 7-day reminder needs to fire.
Teams vs Telegram vs Email vs PagerDuty: which reminder channel for which alert?
Certimon currently supports four reminder destinations: Microsoft Teams (Workflows webhook), Telegram (bot or channel), email (per-destination address), and PagerDuty (Events API v2). Each one has a sweet spot. The honest answer is that most teams want two of them on the same rule, not one of them on every rule.
| Channel | Good for | Trade-off |
|---|---|---|
| Microsoft Teams | Team-visible 30 and 7-day reminders in the same channel as deploys and on-call chatter. Threaded follow-up. | Push notifications depend on each user's Teams settings. Cards can get scrolled past in busy channels. |
| Telegram | Reliable mobile push for the on-call engineer, even when they're away from Teams. Works for solo operators with no shared channel at all. | Not where the rest of the team works — bad as the only signal in larger orgs. |
| Audit trail, ticketing-system handoff, distribution lists for compliance reviewers who don't sit in Teams. | Spam filtering, shared-inbox triage delay. Don't rely on email alone for 1-day reminders. | |
| PagerDuty | Real paging with escalation policies. Right for production certificates where a missed expiry is an incident. | Overkill for 30-day heads-up reminders. Page the on-call for the 1-day window, not the 30-day one. |
The hybrid most teams land on: bind one rule to Microsoft Teams (30 and 7-day reminders) so the whole channel sees the heads-up, and add Telegram or PagerDuty on the same rule for the 1-day reminder so the on-call engineer can't miss it. Certimon's per-destination dedup means you get one card per channel per threshold, not four copies of the same alert.
Setup: Microsoft Teams SSL alerts in five steps
The current Teams setup uses Workflows and Power Automate. You create a webhook trigger, add the Post card in a chat or channel action, then paste the generated HTTP POST URL into Certimon.
-
1
Open Workflows from the target Teams channel
In Microsoft Teams, navigate to the channel that should receive the SSL alerts (e.g.
#sre-alerts). Click the three-dot menu next to the channel name and choose Workflows.If Teams shows a Build in Power Automate prompt, continue into Power Automate. The flow is still available from the channel's Workflows list after it is saved.
-
2
Build from scratch and select the webhook trigger
Choose Build from scratch, search for Teams, and select When a Teams webhook request is received under Triggers.
If the compact Workflows screen only shows a small trigger list, choose Build with Power Automate to see more triggers, then search from the full Power Automate designer.
-
3
Allow Certimon to call the trigger
In the trigger, set Who can trigger the flow? to Anyone. The tenant-scoped options require Microsoft authentication on every POST, which Certimon does not send.
Save the flow once. Power Automate then generates the HTTP POST URL. Keep it private: anyone with that URL can trigger the flow.
-
4
Post the incoming card to Teams
Add the Microsoft Teams action Post card in a chat or channel. Use Flow bot for Post as, choose the target team and channel, and put the webhook trigger's card content into the card field.
Use this one-way post action for SSL alerts. Avoid the response-waiting Teams card actions because Certimon notifications do not need a user reply for the flow to complete.
-
5
Copy the URL into Certimon and attach domains
Open the Certimon dashboard at app.certimon.com and go to Alerting → Destinations → New destination. Choose Microsoft Teams, paste the generated HTTP POST URL, name the destination, and send a test message.
Create or edit an alerting rule under Alerting → Rules. Bind the Teams destination with reminder windows such as
30, 7, 1days, then attach the rule to the domains you want monitored.
Best practices for Microsoft Teams SSL alerts
A few conventions that keep the channel useful instead of noisy.
Pick the right channel
Route alerts to a low-volume operational channel (e.g. #sre-alerts, #platform-oncall) — not a general team chat. Certificate cards in noisy channels get skimmed past.
Layer reminder windows, don't stack one big one
Use 30, 7, 1 day windows rather than a single 30-day reminder. A single card gets muted and forgotten; three escalating cards do not.
Use one destination per channel, not per domain
Create one Microsoft Teams destination per Workflows webhook (= per channel). Reuse it across rules — the per-destination dedup ledger guarantees one card per threshold crossing per channel.
Mirror critical alerts to a personal channel
Bind the same rule to a Telegram destination too. Production checkout endpoints want both a channel card and a push notification on the on-call phone.
Test before you trust it
Always use Send test message after creating the destination, and again after rotating the webhook URL. Microsoft Teams webhook errors are silent on the sender side until the next real alert fires.
Plan webhook rotation
If the channel owner leaves, the workflow they created keeps working until deleted. Document the destination's owner in the Certimon destination name and rotate the URL when ownership transfers.
Why this guide uses Workflows, not Connectors
Older Teams webhook guides often point to the Office 365 Connector “Incoming Webhook” app. New Teams tenants commonly surface Workflows instead. Certimon is built for that current path: a Power Automate flow with When a Teams webhook request is received plus the Teams Post card in a chat or channel action.
| Workflows webhook (Certimon setup) |
Office 365 Connector (old guides) |
|
|---|---|---|
| Certimon support | ✅ Supported | Not supported |
| Creation path | Build from scratch in Workflows / Power Automate | Older channel connector menu |
| Teams action | Post card in a chat or channel | Older connector payload |
| Setup location | Channel → Workflows → Power Automate | Channel → Connectors |
| Tenant policy dependency | Workflows / Power Automate must be allowed | Connector availability varies by tenant |
FAQ — Microsoft Teams SSL alerts
How do I send SSL certificate expiry alerts to a Microsoft Teams channel?
Create a Teams Workflows flow from scratch with the When a Teams webhook request is received trigger, add the Post card in a chat or channel action, copy the generated HTTP POST URL, then add it as a Microsoft Teams destination in Certimon at app.certimon.com.
Does Certimon use Office 365 Connector webhooks?
No. Certimon uses the supported Microsoft Teams Workflows / Power Automate webhook trigger and expects the generated HTTP POST URL from that flow.
Is sending SSL alerts to Microsoft Teams free?
Certimon is free with unlimited domains and unlimited reminder windows. The Microsoft Teams side uses your tenant's existing Workflows / Power Automate entitlement and policy settings.
Can I route different domains to different Teams channels?
Yes. Create one Microsoft Teams destination per Workflows webhook (one per channel) and separate alerting rules per group of domains. The same rule can also fan out to Telegram or PagerDuty so the same expiry event reaches multiple teams.
What does a Certimon SSL alert look like in Microsoft Teams?
Certimon sends a Teams card containing the domain, expiry timestamp, days remaining, and severity. Alerts are deduplicated per destination so the channel only sees one card per crossing of each threshold.
How do I set up certificate expiry reminders for Microsoft Teams users?
Add Certimon as a webhook-based reminder source. Build a Workflows / Power Automate flow with the When a Teams webhook request is received trigger, post the card to the target channel, then in Certimon add the generated URL as a Microsoft Teams destination and bind it to an alerting rule with reminder windows (for example 30, 7, 1 days before expiry). Microsoft Teams itself does not send SSL certificate expiry reminders natively — Certimon supplies the schedule, payload, and per-destination dedup.
What reminder windows can I configure for Teams notifications?
Reminder windows are configured per alerting rule and are independent of the destination. A typical setup uses 30, 7, 1 days before expiry, but any list of integer days is accepted. Each crossing posts one card to the Microsoft Teams channel; the per-destination ledger prevents duplicates if the same domain trips the same window twice.
Does Microsoft Teams send SSL certificate expiry reminders by itself?
No. Microsoft Teams has no built-in certificate expiry monitor. You need an external monitor (such as Certimon) that watches the certificate and posts a card into a Teams channel via a Workflows / Power Automate webhook. Certimon handles the TLS handshakes, scheduling, deduplication, and the card payload — Teams only receives and renders the message.
How do I rotate or revoke the Microsoft Teams webhook URL?
Open Workflows in Microsoft Teams or Power Automate, edit the flow with the When a Teams webhook request is received trigger, and copy or regenerate the HTTP POST URL after saving. Paste the new URL into the matching destination in the Certimon dashboard. To revoke entirely, delete the flow — Certimon will mark the destination as failing on the next send.
Do I need to be a Microsoft 365 admin to set this up?
In many tenants, no. Any user with rights to add a workflow can create the flow from the channel's Workflows menu. If your tenant restricts Workflows or Power Automate connectors, a Teams or Power Platform admin needs to allow the Microsoft Teams connector and the webhook trigger.
Related guides
Telegram SSL certificate alerts
The original Certimon delivery channel — bind it alongside Teams for on-call phone push.
Free SSL certificate monitoring
Unlimited domains, free forever — the full pricing & limits overview.
SSL monitoring for small teams
Pairing channel alerts (Teams) with personal alerts (Telegram) for the whole on-call rotation.
Datadog SSL monitoring alternative
When a focused, free SSL-expiry-to-Teams alert is enough — and when it isn't.
Get SSL alerts into your Teams channel in ten minutes
Build the Teams webhook flow, paste the generated HTTP POST URL into Certimon, attach it to your domains, and stop chasing expiry emails through shared inboxes.
Open the Certimon dashboard