Hostname coverage
The certificate must cover the requested hostname through a SAN entry or a matching one-label wildcard.
Review trust, hostname coverage, issuer, validity dates, expiry window, and negotiated TLS protocol for a public domain.
The certificate must cover the requested hostname through a SAN entry or a matching one-label wildcard.
The runtime verifies whether the certificate chain is accepted from this environment. Different clients may carry different trust stores.
This is not monitoring. Use the result as current evidence and keep renewal alerts in your production platform.