As the founder of a 100% bootstrapped company, I reached the point where revenue reached 2.7 million per year and I was ready to start moving on to the second responsibility.
We spent a year building a team of about 20. I systematically delegated all my engineering responsibilities, including management.
At that point, essentially all productivity went in reverse. We never released another product or major revision. I could write a book on the post-mortem, but the big lesson learned is that you should not expect to be able to completely remove yourself from the thing that you nurtured and built. Other people just don't care about it as much as you, or don't have the same talent level or vision.
The cert cabel needed to be disrupted. We are saving 37 * $69 (GoDaddy standard cert price) yearly.
90 day certs can be an issue when you have gobs of them. LetsEncrypt emails the admin before expiration, and they provide an automated way to renew. However, we have 37 certs, which means on average one is expiring roughly every three days.
The renewal process can fail and the emails may go to spam or to someone not available. We needed external monitoring with escalating alerts, so we built https://LetsMonitor.org (forever totally free) to address this.
Please feel free to use it. Again, it is totally, forever free. It is simply a project we built for our own purposes and made public.
Another way to do this is for visitors that are known to be invalid to just decline transactions or require additional verification. For example, users coming from within a datacenter are highly likely to be invalid. A visitor from a spoofed session same thing.
There is an API - REST/JSON based but not yet documented. It will be available soon. With the API, you can get results to pull into your own systems. The application is 100% API based, including being able to add your own monitors without going through the website.
Right now every hour (it may change). The service round robins checks from monitoring stations basically at AWS and Rackspace datacenters. This makes sure the site is reachable from points around the planet and that the certificate is functioning properly. So, in a way it can be used as an external site monitor for downtime. However, that is not its main purpose.
You can see the full log of errors with diagnostics from the 'Results Log' menu item. You're right, there should be a link to the log from the dashboard items.
I'm working on a free LetsEncrypt expiration monitoring service https://letsmonitor.org, since the certs only last three months. The point of this is to get escalating messages via a third party when your cert is about to expire. It also checks the validity of the certs.