The thing here is that you don't have to keep updating the app with every new host you create that needs to be monitored. CT allows me to detect newly issued certs in your domain, and start monitoring them without manual work on your behalf. And if you issue a cert with a hostname that doesn't yet have a DNS record, the app won't complain - no host means no live cert that can expire :)
Caveat - I have yet figured out how to apply this automated discovery for orgs that use wildcard certs... Suggestions are welcome :)
The thing here is that you don't have to keep updating the app with every new host you create that needs to be monitored. CT allows me to detect newly issued certs in your domain, and start monitoring them without manual work on your behalf. And if you issue a cert with a hostname that doesn't yet have a DNS record, the app won't complain - no host means no live cert that can expire :)
Caveat - I have yet figured out how to apply this automated discovery for orgs that use wildcard certs... Suggestions are welcome :)