Alerts | Keyfactor Docs

The Alerts section of the Admin Web Console lets you configure email notifications for two types of certificate events: usage and expiration.

Certificate Usage Alerts: Sent every time a certificate is used to sign, either successfully (Allowed) or blocked by a policy (Denied). Use these to monitor high-value certificates, detect unexpected signing activity, or track policy denials.
Certificate Expiration Alerts: Send advance notice before a certificate's expiry date, based on thresholds you define. Use these to ensure you have enough time to renew before a certificate expires and signing breaks.

Both alert types can optionally write to the Events log in addition to sending email, creating an audit trail independent of email delivery.

Prerequisites

Alerts require an SMTP server configured with TLS. This is set up by Keyfactor during deployment. If alerts are not sending, contact support@keyfactor.com to verify your SMTP configuration.
You must have the Signum Administrator role or a role with Alerts permissions to create and manage alerts.

For a walkthrough of setting up expiration alerts as part of a full certificate renewal workflow, see Monitor Certificate Expiry and Renew a Signing Certificate.