Automates SSL checks and renewals by pulling domains from Notion, verifying expiry with SSL-Checker, renewing via SSH when needed, and notifying via Telegram.
Pulls domain records from Notion and checks SSL certificate validity for each domain using SSL-Checker. Compares expiry dates to a 14-day threshold and, if near expiry, triggers remote renewal via SSH using Certbot. Updates Notion with current SSL status and sends Telegram notifications for renewals or issues, enabling teams to act quickly.
Orchestrates Notion data retrieval, SSL checks, conditional renewal, and Telegram notifications.
Retrieve domain list from Notion.
Validate SSL certificates via SSL-Checker.
Evaluate expiry thresholds to identify certificates due for renewal.
Trigger remote renewal via SSH using Certbot.
Notify on Telegram about renewals or failures.
Sync renewal results back to Notion.
This AI agent replaces manual SSL management with an auditable, automated flow that reduces outages and keeps stakeholders informed.
A simple 3-step flow anyone can follow.
Retrieve all domain records from Notion, remove duplicates, and log who triggered the run to maintain an audit trail.
Send a request to SSL-Checker for each domain and collect expiry data into a consolidated status report.
If any certificate expires within 14 days, SSH into the remote server to run Certbot renewal, then Telegram-notify and re-run verification; if all are valid, update Notion and notify if the workflow is re-called.
One realistic scenario.
Scenario: A domain example.com stored in Notion shows SSL expiry in 12 days. The AI Agent fetches the domain, queries SSL-Checker, and detects imminent expiry. It then SSH-renews the certificate on the remote host using Certbot and sends a Telegram alert about the renewal. After renewal, the agent re-verifies the certificate, updates Notion with the new expiry date, and sends a confirmation Telegram message.
Relevant roles and concrete benefits.
Needs proactive expiry detection to prevent outages.
Requires centralized Notion-based domain management.
Manages SSL across multiple domains and servers.
Wants automatic remediation to maintain uptime.
Requires an auditable renewal trail.
Receives timely alerts for certificate issues.
Connects Notion, SSL-Checker, Telegram, and remote renewal tooling.
Reads domain records and updates SSL status back to Notion.
Returns expiry dates and validity for each domain.
Sends real-time alerts for expiries and renewals.
Performs certificate renewal on remote hosts during renewal flow.
Provides secure channel to execute renewal commands on remote servers.
Concrete scenarios where this AI agent shines.
Common questions and practical answers.
The agent collects expiry data from SSL-Checker and flags any certificate with days until expiry less than 14. It then initiates the renewal workflow automatically, without manual approval, unless you configure a manual override. The system logs trigger events and renewal attempts for auditing. You can adjust the threshold to fit your risk tolerance. If a renewal succeeds, the subsequent check confirms the certificate is valid before notifying teams.
If SSL-Checker reports an error for a domain, the agent logs the issue and sends a Telegram alert with details. It will skip renewal for that domain in that cycle and re-check on the next run. The system stores the failed domain in Notion with a status flag for follow-up. You can configure retry behavior and escalation rules as needed.
Yes. The agent can be configured to read specific Notion properties and update a chosen set of fields after renewal. This enables your team to maintain a clean data model and correlate SSL status with project metadata. Changes can be made via configuration without altering the core automation flow. An audit trail is preserved for traceability.
The default flow is fully automatic for certificates nearing expiry, with Telegram alerts providing visibility. If you prefer, you can insert a manual approval step before the SSH renewal. Renewal actions are performed on the remote server using Certbot, and the outcome is re-verified automatically. The Notion update reflects the final status.
If a renewal attempt fails, the agent logs the failure, sends a Telegram alert with error details, and retries according to a defined policy. It also preserves an audit trail in Notion. You can configure alternate remediation actions or notify on-call personnel in case of repeated failures.
Telegram is the default channel in this workflow, but the architecture supports additional channels if integrated (for example, email or other messaging apps). You can customize the notification content and trigger points for expiries and renewals. All notifications include context such as domain, expiry date, and renewal result to support quick triage.
Yes, when properly configured, the flow is deterministic, auditable, and guarded by role-based access. All actions on the remote server occur via SSH with authenticated credentials, and renewal commands (Certbot) are executed in a controlled environment. The Notion-backed data model provides a single source of truth, and Telegram notifications keep teams informed without exposing sensitive details.
Automates SSL checks and renewals by pulling domains from Notion, verifying expiry with SSL-Checker, renewing via SSH when needed, and notifying via Telegram.
