With all services moving towards SSL there will be a constant battle to keep SSL certificates up to date for active services. Traffic Ops should incorporate an internal monitor for upcoming expirations based on the actual cert source of record. This could be a part of the delivery service configuration data and would also be useful to customers to examine when certs expire.
1. Record or read SSL cert expiration and put into configuration data
2. Allow users access to this data through the API
3. Provide a monitor that runs on a cron to look for certs that expire soon.
4. Alert root operators daily on upcoming expirations