Adobe Commerce Cloud provisions production, staging, and integration with separate SSL.
Each environment expires independently — and Fastly CDN adds another SSL layer on top.
Magento agencies on Adobe Commerce Cloud manage SSL for at least three environments per client — production, staging, and integration — each with certificates provisioned separately and expiring on different dates. Fastly is the default CDN for Magento Cloud: custom domain SSL is provisioned by Fastly independently from the Magento application server. Magento Multi-Store runs multiple client store domains from one install, each with its own certificate. Merlonix monitors SSL and DNS so you see expiry before clients do.
No credit card for the trial. Cancel any time.
- Check cadence (Agency)
- 5 min
- SSL pre-expiry alert
- 30 days
- Independent DNS resolvers
- 3
- Vendors watched
- 11
Where Magento agencies get caught out
Three failure modes specific to Magento client deployments on Adobe Commerce Cloud and Nexcess.
Magento agencies managing Adobe Commerce Cloud environments deal with per-environment SSL that expires independently, Fastly CDN TLS provisioning that breaks when the CNAME changes, and Multi-Store domain SSL that is managed separately across every store view.
Adobe Commerce Cloud provisions production, staging, and integration environments with independent SSL that expires on different dates
Magento agencies on Adobe Commerce Cloud manage at least three environments per client — production, staging, and integration — each with its own custom domain mapping and SSL certificate provisioned separately through the Magento Cloud project dashboard
Adobe Commerce Cloud assigns each environment a unique URL and supports custom domain mapping for each. When agencies add client domains to Magento Cloud environments — connecting production.clientstore.com to the production environment and staging.clientstore.com to the staging environment — each domain's SSL certificate is provisioned separately. The certificates are linked to the custom domain configuration for that specific environment, not to a shared SSL policy across all environments. Staging and integration environment SSL certificates receive less attention than production: they are used for internal reviews, client previews, and QA testing, and their SSL errors are often dismissed as "just staging." When a client's QA team begins a pre-launch review of a new feature on the staging environment and encounters an SSL warning, the investigation interrupts the review cycle. Integration environment SSL expiry before a scheduled release triggers delays when CI/CD pipelines or external monitoring tools begin failing SSL handshakes against the integration domain.
Fastly CDN provisions custom domain SSL independently from the Magento application server — and Fastly's TLS provisioning requires different CNAME targets than the origin
Adobe Commerce Cloud uses Fastly as its default CDN and edge layer. When agencies configure custom domains for a Magento Cloud store, the DNS CNAME points at a Fastly hostname — not directly at the Magento origin. Fastly provisions SSL for the custom domain independently through its TLS service
In a standard Magento Cloud setup, the custom store domain (clientstore.com) is routed through Fastly: the DNS CNAME points at a Fastly edge hostname, and Fastly terminates SSL at the edge before forwarding traffic to the Magento Cloud origin. The SSL certificate on clientstore.com is owned by Fastly's TLS provisioning service — not by the Magento application server. When the client's DNS configuration changes — a registrar migration, a DNS provider change, or an IT infrastructure consolidation — and the Fastly CNAME is not correctly replicated in the new DNS zone, Fastly's TLS certificate renewal fails at the next cycle. The existing certificate serves until its expiry. The failure is discovered when the Fastly TLS certificate expires and the store begins returning SSL errors — not when the DNS change occurred, which may have been months earlier.
Magento Multi-Store runs multiple client store views on different domains from a single Magento install — each store domain has independent SSL
Magento's Multi-Store feature allows one Magento installation to serve multiple store views on separate domains — a common pattern for brand families, regional stores, and B2B wholesale portals. Each store domain has an independent SSL certificate and DNS configuration managed separately
Magento agencies building enterprise client portfolios routinely set up Multi-Store configurations: clientbrand.com (retail), wholesale.clientbrand.com (B2B portal), clientbrand.fr (French regional store), and clientbrand.de (German regional store) might all run from one Magento install, each mapped as a separate store view with its own SSL certificate and DNS configuration. SSL certificates for the wholesale and regional store domains are provisioned separately from the primary store — through Fastly custom TLS, self-managed Certbot on a VPS, or a CDN service like Cloudflare. The B2B wholesale portal and regional store domains typically receive less SSL monitoring attention than the primary retail domain. When the German regional store certificate expires and German customers encounter SSL warnings during checkout, the agency receives an escalation specifically about the German market — which requires investigating an SSL configuration that may have been provisioned by a different team member than the one monitoring the primary store.
How it works
SSL and DNS monitoring for Magento stores on Adobe Commerce Cloud, Nexcess, and Fastly.
Merlonix monitors CNAME integrity and SSL health across every Magento environment — production, staging, and integration — along with Multi-Store domains and Fastly-routed custom domain SSL.
01
Add production, staging, and integration domains, Multi-Store domains, and wholesale portal subdomains
Verify ownership with a DNS TXT record on the apex domain. Adobe Commerce Cloud environment domains, Magento Multi-Store domains, B2B portal subdomains, and Fastly-routed custom domain CNAMEs are added without additional verification. Monitoring all environments catches staging and integration SSL expiry before client QA teams or CI/CD pipelines encounter SSL handshake failures. Under two minutes per client.
02
CNAME integrity checks on Fastly edge hostnames and Adobe Commerce Cloud routing
Three independent DNS resolvers check every CNAME delegation on every monitoring interval — whether the target is a Fastly edge hostname for a Magento Cloud custom domain, a Nexcess IP mapping, or a self-managed VPS for a Multi-Store domain. When a client DNS change removes or changes the Fastly CNAME — causing Fastly TLS certificate renewal to fail at the next cycle — the target mismatch is detected immediately. When a Multi-Store regional domain CNAME is misconfigured during a DNS migration, the break is detected before the regional store's SSL expires.
03
SSL monitoring 30 days before expiry across all Magento environments and Multi-Store domains
Full SSL chain validation on every Adobe Commerce Cloud environment domain, Magento Multi-Store domain, and B2B wholesale subdomain. An expiry alert fires 30 days before the certificate expires — enough lead time to verify Fastly TLS renewal status, check Adobe Commerce Cloud certificate health on staging and integration environments, or re-provision a Multi-Store regional domain certificate. All environments are monitored on the same 30-day lead time regardless of traffic volume.
04
Vendor status for Adobe Commerce Cloud, Nexcess, and Fastly
Merlonix monitors Adobe Commerce Cloud, Nexcess, and Fastly platform status alongside client SSL and DNS. When a Fastly TLS incident causes SSL validation failures across multiple Magento Cloud custom domains simultaneously, you see the vendor event — not a cascade of individual client alerts requiring separate investigation to determine whether the cause is a client CNAME misconfiguration or a Fastly platform incident affecting all Magento Cloud stores.
What the numbers mean for Magento agencies
Monitoring built for Magento agencies where one client means three environments and multiple store domains, each with independent SSL.
Magento agencies managing Adobe Commerce Cloud need SSL monitoring that covers every environment subdomain — because staging and integration SSL expiry affects client QA teams and CI/CD pipelines before production is touched, and Fastly TLS failures after a CNAME change surface 90 days later when the certificate expires.
< 10 min
Time from DNS change to alert — catches Fastly CNAME changes that block TLS certificate renewal and Adobe Commerce Cloud staging domain misconfigurations before they affect client QA or CI/CD pipelines
30 days
SSL expiry warning lead time — enough time to verify Fastly TLS renewal status, check Adobe Commerce Cloud environment certificates, or re-provision Multi-Store regional domain SSL before clients see errors
11 vendors
Upstream services monitored — Adobe Commerce Cloud, Nexcess, and Fastly included to distinguish platform incidents from client CNAME changes on Magento deployments
200 assets
Maximum monitored domains on the Agency plan — covers production, staging, integration, Multi-Store regional domains, and B2B wholesale subdomains across a full Magento client roster
Pricing
Flat monthly fee. Every environment domain and Multi-Store subdomain included.
No per-domain charges. No per-environment fees. Pick the tier that fits your Magento client count and monitor every environment without billing surprises.
Starter
For individual Magento developers managing a small client portfolio on Adobe Commerce Cloud or Nexcess.
$29/ month
- 10 monitored assets
- 1 seat
- 15-min check cadence
- SSL + DNS + vendor monitoring
- Email + Slack alerts
Team
For Magento agencies managing multi-environment Adobe Commerce Cloud deployments and Multi-Store clients.
$79/ month
- 50 monitored assets
- 5 seats
- 10-min check cadence
- SSL + DNS + vendor monitoring
- Email + Slack alerts
Agency
For agencies with a full Magento client roster across Adobe Commerce Cloud and enterprise hosting.
$199/ month
- 200 monitored assets
- 15 seats
- 5-min check cadence
- SSL + DNS + vendor monitoring
- Email + Slack alerts
Know when a Magento environment certificate or Fastly CDN SSL is about to expire.
Add your first Magento client domain in under two minutes. Production, staging, and integration environment domains, Multi-Store regional domains, and Fastly-routed custom domain SSL are monitored from the same dashboard. 14-day trial, no card required.