My domains are currently hosted on a VPS with LetsEncrypt set up to automatically renew. If this renewal fails on any domain and causes downtime due to expired certificates, then this market resolves to YES. The ryhl.io domain is set up with CloudFlare proxying in front of it, with CloudFlare pages serving the main domain, but with some of the subdomains being proxied to the VPS.
This resolves to YES if I see an HTTPS certificate error on any of my domains when I try to access the site. It also resolves to YES if someone else tells me that they observed a certificate error (unless that person is trying to manipulate this market). It also resolves to YES if my downtime-detection service (currently updown.io) detects downtime due to HTTPS certificate errors.
Note that this does not only count the error pages generated by the browser itself. If CloudFlare is unable to contact the VPS when proxying a request due to a HTTPS certificate problem between the VPS and CloudFlare, then this also counts.
Note that the CloudFlare configuration is pretty recent. I don't think the LetsEncrypt certificates have been renewed since I added CloudFlare to the domain.
Update: I just got an email from Let's Encrypt saying that my ryhl.io certificates expire on 2024-02-16.
I recommend letsmonitor.org, a free service that can alert you before certificate expire. For example, letsencrypt certificates are supposed to renew automatically when they have 30 days left, so you should set an alarm at 28 days or so.
@AliceRyhl It's worth checking. I was using uptimerobot and I found out the hard way that they don't alert on expired certificates (also you want the alert before expiry).
edit: looks like you can set it to 14 days https://updown.io/doc/ssl-expiration-notifications