Use these API functions to List CertView Certificates to retrieve a list of certificates based on an input filter query and list.
The response contains certificate details, including associated host information and SSL/TLS-related vulnerabilities and grades.
You can see only those assets that have been assigned by your manager user. When you send an API request, you can access information about the assets and their corresponding certificates assigned to you, based on scope. For more information on tag-based user scoping refer to Certificate View Online help.
|
Parameter |
Mandatory/Optional |
Data Type |
Description |
|---|---|---|---|
|
filter |
Optional | String |
Filter the events list by providing a query using Qualys syntax. Refer to the How to Search topic in the online help for assistance with creating your query. For example - expiryGroup: Expired Refer to the list of tokens you can use to build the query: |
|
pageNumber |
Optional | Integer |
The page to be returned. Starts from zero. |
|
pageSize |
Optional | Integer |
Provide the number of records per page to be included in the response. Default: 10. Maximum: 200 For example, the total result set is 50 assets. If the page size is specified as 10, then the result is divided in 5 pages with 10 assets each. |
|
sort |
Optional | String |
Sort the results using a Qualys token. For example - [{"lastFound":"desc"}] |
|
Authorization |
Mandatory | String |
Authorization token to authenticate to the Qualys Cloud Platform. Prepend token with "Bearer" and one space. For example - Bearer authToken |
|
certificateDetails |
Optional | String |
Define the level of certificate attributes you want to list. Default value basic is used to fetch commonly used attributes. Use value extended to fetch these additional attributes:
The enhancedKeyUsage attribute returns a list of OIDs in the EKU attribute of the certificate. Some of the most commonly used OIDs are:
For more information, refer to http://www.oid-info.com/ |
Notes:
This API supports both new and old query formats. For more details, refer to the following query example.
|
Example |
If you want to view the certificate with asset name server1. |
|
Old Format |
asset.name:server1 |
|
New Format |
asset:(name:server1) |
If you want to generate a CSV report for more than 10000 certificates, use scheduled reports from Qualys Cloud Platform.
If the data you are looking for is unavailable in CSV reports, use an additional filter instead of requesting all certificates.
You can use the following filters for better results:
Last Found Date < 1 month/3months/6 months
Expiration Date < 1 yr/ between 1yr and 2 yrs/etc
Approved vs. Unapproved CAs vs. Self-signed CAs
API Request
curl -X POST
"<qualys_base_url>/certview/v1/certificates"
-H "Accept: application/json"
-H "Content-Type: application/json"
-d "{ \"filter\" : \"subject.name:www.qualys.com\", \"pageNumber\": 0, \"pageSize\" : 1}"
-H "Authorization: Bearer <JWT Token>"
Response
[
{
"keySize": 2048,
"subject": {
"organization": "Qualys, Inc.",
"locality": "Foster City",
"name": "www.qualys.com",
"state": "California",
"country": "US",
"organizationUnit": []
},
"validFrom": 1676246400000,
"signatureAlgorithm": "SHA256withRSA",
"issuer": {
"organization": "DigiCert Inc",
"organizationUnit": [
"www.digicert.com"
],
"name": "DigiCert SHA2 Extended Validation Server CA",
"country": "US",
"state": "",
"certhash": "403e062a2653059113285baf80a0d4ae422c848c9f78fad01fc94bc5b87fef1a",
"locality": ""
},
"rootissuer": {
"organization": "DigiCert Inc",
"organizationUnit": [
"www.digicert.com"
],
"name": "DigiCert High Assurance EV Root CA",
"country": "US",
"state": "",
"certhash": "7431e5f4c3c1ce4690774f0b61e05440883ba9a01ed00ba6abd7806ed3b118cf",
"locality": ""
},
"instanceCount": 2,
"dn": "CN=www.qualys.com, O=\"Qualys, Inc.\", L=Foster
City, ST=California, C=US, serialNumber=3152140,
businessCategory=Private Organization, StateOrProvince=Delaware,
CountryName=US","certhash": "192a86240c5ec5d87dd108f17e2543e78439101f193c99c53193f60d115b885d",
"assets": [
{
"netbiosName": "",
"assetId": "99f29795-4c11-49e1-8898-82e9982b0710",
"name": "qualys.com",
"operatingSystem": "NetScaler",
"tags": [
{
"name": "Internet Facing Assets",
"uuid": "d2ba3be1-66a3-4d1f-89fadd534a2bccc1"
}
],
"primaryIp": "64.39.xx.xxx",
"hostInstances": [
{
"protocol": "tcp",
"sslProtocols": [
"TLSv1.2"
],
"port": 443,
"grade": "A",
"service": "http",
"vulnerabilities": [],
"vulnCount": 0
}
],
"created": 1680247510486,
"updated": 1680247131000,
"assetInterfaces": [
{
"hostname": "qualys.com",
"address": "64.39.xx.xxx"
}
],
"certificateCount": 0
},
{
"netbiosName": "",
"assetId": "646c7aa5-cfdc-4294-bea7-d43664ac03f4",
"name": "www.qualys.com",
"operatingSystem": "NetScaler",
"tags": [
{
"name": "Internet Facing Assets",
"uuid": "d2ba3be1-66a3-4d1f-89fadd534a2bccc1"
}
],
"primaryIp": "64.39.xx.xxx",
"hostInstances": [
{
"protocol": "tcp",
"sslProtocols": [
"TLSv1.2"
],
"port": 443,
"grade": "A",
"service": "http",
"vulnerabilities": [],
"vulnCount": 0
}
],
"created": 1675158036000,
"updated": 1680254412000,
"assetInterfaces": [
{
"hostname": "www.qualys.com",
"address": "64.39.xx.xxx"
}
],
"certificateCount": 0
}
],
"selfSigned": false,
"validTo": 1707868799000,
"issuerCategory": "DigiCert SHA2 Extended Validation Server
CA","subjectAlternativeNames": {
"DNS Name": [
"www.qualys.com",
"qualys.com",
"docs.qualys.com",
"qualys.dk",
"qualys.us",
"qualys.de",
"qualys.biz",
"nemeannetworks.com",
"qualys.fr",
"www.qualys.eu",
"qualys.io",
"qualysguard.tw",
"www.securityvibes.co.uk",
"qualys.es",
"qualysblog.net",
"qualys.nl",
"qualys.report",
"qualysinsight.com",
"qualysworks.net",
"qualysguard.eu",
"qualysguard.com",
"qualys.eu",
"www.qualysguard.eu"
],
"IP Address": null
},
"lastFound": 1680256864611,
"extendedValidation": true,
"sources": [
"VM",
"QAGENT"
]
}
]
API Request
curl -X POST
"<qualys_base_url>/certview/v1/certificates" -H "Accept: application/json" -H "Content-Type: application/json" -d "{ \"filter\" : \"subject.name:www.qualys.com\", \"pageNumber\": 0, \"pageSize\" : 1, \"certificateDetails\": \"basic\"}" -H "Authorization: Bearer <JWT Token>"
Response
[
{
"keySize": 2048,
"subject": {
"organization": "Qualys, Inc.",
"locality": "Foster City",
"name": "www.qualys.com",
"state": "California",
"country": "US",
"organizationUnit": []
},
"validFrom": 1676246400000,
"signatureAlgorithm": "SHA256withRSA",
"issuer": {
"organization": "DigiCert Inc",
"organizationUnit": [
"www.digicert.com"
],
"name": "DigiCert SHA2 Extended Validation Server CA",
"country": "US",
"state": "",
"certhash": "403e062a2653059113285baf80a0d4ae422c848c9f78fad01fc94bc5b87fef1a",
"locality": ""
},
"rootissuer": {
"organization": "DigiCert Inc",
"organizationUnit": [
"www.digicert.com"
],
"name": "DigiCert High Assurance EV Root CA",
"country": "US",
"state": "",
"certhash": "7431e5f4c3c1ce4690774f0b61e05440883ba9a01ed00ba6abd7806ed3b118cf",
"locality": ""
},
"instanceCount": 2,
"dn": "CN=www.qualys.com, O=\"Qualys, Inc.\", L=Foster
City, ST=California, C=US, serialNumber=3152140,
businessCategory=Private Organization, StateOrProvince=Delaware,
CountryName=US","certhash": "192a86240c5ec5d87dd108f17e2543e78439101f193c99c53193f60d115b885d",
"assets": [
{
"netbiosName": "",
"assetId": "99f29795-4c11-49e1-8898-82e9982b0710",
"name": "qualys.com",
"operatingSystem": "NetScaler",
"tags": [
{
"name": "Internet Facing Assets",
"uuid": "d2ba3be1-66a3-4d1f-89fadd534a2bccc1"
}
],
"primaryIp": "64.39.xx.xxx",
"hostInstances": [
{
"protocol": "tcp",
"sslProtocols": [
"TLSv1.2"
],
"port": 443,
"grade": "A",
"service": "http",
"vulnerabilities": [],
"vulnCount": 0
}
],
"created": 1680247510486,
"updated": 1680247131000,
"assetInterfaces": [
{
"hostname": "qualys.com",
"address": "64.39.xx.xxx"
}
],
"certificateCount": 0
},
{
"netbiosName": "",
"assetId": "646c7aa5-cfdc-4294-bea7-d43664ac03f4",
"name": "www.qualys.com",
"operatingSystem": "NetScaler",
"tags": [
{
"name": "Internet Facing Assets",
"uuid": "d2ba3be1-66a3-4d1f-89fadd534a2bccc1"
}
],
"primaryIp": "64.39.xx.xxx",
"hostInstances": [
{
"protocol": "tcp",
"sslProtocols": [
"TLSv1.2"
],
"port": 443,
"grade": "A",
"service": "http",
"vulnerabilities": [],
"vulnCount": 0
}
],
"created": 1675158036000,
"updated": 1680254412000,
"assetInterfaces": [
{
"hostname": "www.qualys.com",
"address": "64.39.xx.xxx"
}
],
"certificateCount": 0
}
],
"selfSigned": false,
"validTo": 1707868799000,
"issuerCategory": "DigiCert SHA2 Extended Validation Server
CA","subjectAlternativeNames": {
"DNS Name": [
"www.qualys.com",
"qualys.com",
"docs.qualys.com",
"qualys.dk",
"qualys.us",
"qualys.de",
"qualys.biz",
"nemeannetworks.com",
"qualys.fr",
"www.qualys.eu",
"qualys.io",
"qualysguard.tw",
"www.securityvibes.co.uk",
"qualys.es",
"qualysoblog.net",
"qualys.nl",
"qualys.report",
"qualysinsight.com",
"qualysworks.net",
"qualysguard.eu",
"qualysguard.com",
"qualys.eu",
"www.qualysguard.eu"
],
"IP Address": null
},
"lastFound": 1680256864611,
"extendedValidation": true,
"sources": [
"VM",
"QAGENT"
]
}
]
API Request
curl -X POST
"<qualys_base_url>/certview/v1/certificates"
-H "Accept: application/json" -H "Content-Type: application/json"
-d "{ \"filter\" : \"subject.name:www.qualys.com\", \"pageNumber\": 0, \"pageSize\" : 1, \"certificateDetails\": \"extended\"}"
-H "Authorization: Bearer <JWT Token>"
Response
[
{
"keySize": 2048,
"subject": {
"organization": "Qualys, Inc.",
"locality": "Foster City",
"name": "www.qualys.com",
"state": "California",
"country": "US",
"organizationUnit": []
},
"validFrom": 1676246400000,
"signatureAlgorithm": "SHA256withRSA",
"issuer": {
"organization": "DigiCert Inc",
"organizationUnit": [
"www.digicert.com"
],
"name": "DigiCert SHA2 Extended Validation Server CA",
"country": "US",
"state": "",
"certhash": "403e062a2653059113285baf80a0d4ae422c848c9f78fad01fc94bc5b87fef1a",
"locality": ""
},
"rootissuer": {
"organization": "DigiCert Inc",
"organizationUnit": [
"www.digicert.com"
],
"name": "DigiCert High Assurance EV Root CA",
"country": "US",
"state": "",
"certhash": "7431e5f4c3c1ce4690774f0b61e05440883ba9a01ed00ba6abd7806ed3b118cf",
"locality": ""
},
"instanceCount": 2,
"dn": "CN=www.qualys.com, O=\"Qualys, Inc.\", L=Foster City,
ST=California, C=US, serialNumber=3152140,
businessCategory=Private Organization, StateOrProvince=Delaware,
CountryName=US","certhash": "192a86240c5ec5d87dd108f17e2543e78439101f193c99c53193f60d115b885d",
"assets": [
{
"netbiosName": "",
"assetId": "99f29795-4c11-49e1-8898-82e9982b0710",
"name": "qualys.com",
"operatingSystem": "NetScaler",
"tags": [
{
"name": "Internet Facing Assets",
"uuid": "d2ba3be1-66a3-4d1f-89fa-dd534a2bccc1"
}
],
"primaryIp": "64.39.xx.xxx",
"hostInstances": [
{
"protocol": "tcp",
"sslProtocols": [
"TLSv1.2"
],
"port": 443,
"grade": "A",
"service": "http",
"vulnerabilities": [],
"vulnCount": 0
}
],
"created": 1680247510486,
"updated": 1680247131000,
"assetInterfaces": [
{
"hostname": "qualys.com",
"address": "64.39.xx.xxx"
}
],
"certificateCount": 0
},
{
"netbiosName": "",
"assetId": "646c7aa5-cfdc-4294-bea7-d43664ac03f4",
"name": "www.qualys.com",
"operatingSystem": "NetScaler",
"tags": [
{
"name": "Internet Facing Assets",
"uuid": "d2ba3be1-66a3-4d1f-89fa-dd534a2bccc1"
}
],
"primaryIp": "64.39.xx.xxx",
"hostInstances": [
{
"protocol": "tcp",
"sslProtocols": [
"TLSv1.2"
],
"port": 443,
"grade": "A",
"service": "http",
"vulnerabilities": [],
"vulnCount": 0
}
],
"created": 1675158036000,
"updated": 1680254412000,
"assetInterfaces": [
{
"hostname": "www.qualys.com",
"address": "64.39.xx.xxx"
}
],
"certificateCount": 0
}
],
"selfSigned": false,
"validTo": 1707868799000,
"issuerCategory": "DigiCert SHA2 Extended Validation Server
CA","serialNumber": "05e2ad055846148575bc6476367916b7",
"subjectAlternativeNames": {
"DNS Name": [
"www.qualys.com",
"qualys.com",
"docs.qualys.com",
"qualys.dk",
"qualys.us",
"qualys.de",
"qualys.biz",
"nemeannetworks.com",
"qualys.fr",
"www.qualys.eu",
"qualys.io",
"qualysguard.tw",
"www.securityvibes.co.uk",
"qualys.es",
"qualysoblog.net",
"qualys.nl",
"qualysguard.eu",
"qualysguard.com",
"qualys.eu",
"www.qualysguard.eu"
],
"IP Address": null
},
"lastFound": 1680256864611,
"extendedValidation": true,
"keyUsage": [
"Digital signature",
"Key encipherment"
],
"rawData": "-----BEGIN CERTIFICATE-----
\nMIIIgjCCB2qgAwIBAgIQBeKtBVhGFIV1vGR2NnkWtzANBgkqhkiG9w0BAQsFADB1
.
.
.
\n3qJWZEALApKny0Ee3wTSgny5BNwo2Q==\n-----END CERTIFICATE-----\n","enhancedKeyUsage": [
"1.3.6.1.5.5.7.3.1",
"1.3.6.1.5.5.7.3.2"
],
"subjectKeyIdentifier": "09e86635b5be04d2e15799575902a92d7e330fba",
"authKeyIdentifier": "3dd350a5d6a0adeef34a600a65d321d4f8f8d60f",
"sources": [
"VM",
"QAGENT"
]
}
]
API Request
curl -X 'POST'
'<qualys_base_url>/certview/v1/certificates'
-H 'accept: application/json'
-H 'Bearer <JWT Token>'
-H 'Content-Type: application/json'
-d '{
"certificateDetails": "basic",
"filter": "asset:(wasUrl: 'api.example.com') and certificate:(type:
'Leaf')",
"pageNumber": 0,
"pageSize": 10,
"sort": "[{\"lastFound\":"desc\"}]"
}'
Response
[
{
"keySize":2048,
"subject":{
"organization":"Qualys, Inc.",
"locality":"Foster City",
"name":"api.example.com",
"state":"California",
"country":"US",
"organizationUnit":[
]
},
"validFrom":1694649600000,
"signatureAlgorithm":"SHA256withRSA",
"issuer":{
"organization":"DigiCert Inc",
"organizationUnit":[
],
"name":"DigiCert Global G2 TLS RSA SHA256 2020 CA1",
"country":"US",
"state":"",
"certhash":"c8025f9fc65fdfc95b3ca8cc7867b9a587b5277973957917463fc813d0b625a9",
"locality":""
},
"rootissuer":{
"organization":"DigiCert Inc",
"organizationUnit":[
"www.digicert.com"
],
"name":"DigiCert Global Root G2",
"country":"US",
"state":"",
"certhash":"cb3ccbb76031exxxxxf8dd39a23f9de47ffc35exxxxx44cea27d4xxxxx1cb5f",
"locality":""
},
"instanceCount":2,
"dn":"CN=api.example.com, O=\"Qualys, Inc.\", L=Foster City,
ST=California, C=US",
"certhash":"66130b830cfxxxxxfd7ed70144f9xxxxxae0b4304c65xxxxx7bc7257975bd",
"assets":[
{
"netbiosName":"",
"assetId":"da8b9f2c-a594-413d-91b4-b5fc6b125e25",
"name":"api.example.com",
"tags":[
{
"name":"YJ_BU1",
"uuid":"2f0954c3-ffb8-4019-bfc5-7630a23c317d"
}
],
"primaryIp":"192.0.2.0",
"hostInstances":[
{
"protocol":"tcp",
"sslProtocols":[
"SSLv3",
"TLSv1",
"TLSv1.2",
"TLSv1.1"
],
"port":443,
"grade":"C",
"service":"http",
"vulnerabilities":[
{
"title":"SSLv3.0/TLSv1.0 Protocol Weak CBC Mode Server
Side Vulnerability (BEAST)",
"severity":3,
"qid":42366
},
{
"title":"Secure Sockets Layer/Transport Layer Security
(SSL/TLS) Use of Weak Cipher Rivest Cipher 4 (RC4/ARC4/ARCFOUR)",
"severity":3,
"qid":38601
},
{
"title":"SSLv3 Padding Oracle Attack Information
Disclosure Vulnerability (POODLE)",
"severity":3,
"qid":38603
}
],
"vulnCount":3
}
],
"created":1715908545114,
"updated":1715908545114,
"assetInterfaces":[
{
"hostname":"api.example.com",
"address":"192.0.2.0"
}
],
"certificateCount":0
},
{
"netbiosName":"",
"assetId":"9c07ae8b-c051-4b9d-8a2d-21075c812658",
"name":" api.example.com",
"operatingSystem":"",
"wasUrl":"https://api.example.com",
"hostInstances":[
{
"protocol":"tcp",
"sslProtocols":[
"SSLv3",
"TLSv1",
"TLSv1.2",
"TLSv1.1"
],
"port":443,
"grade":"C",
"service":"",
"vulnerabilities":[
],
"vulnCount":0
}
],
"created":1715906342000,
"updated":1715906522000,
"assetInterfaces":[
{
"hostname":" api.example.com",
"address":""
}
],
"certificateCount":0
}
],
"selfSigned":false,
"type":"Leaf",
"validTo":1726271999000,
"issuerCategory":"unapproved",
"subjectAlternativeNames":{
"DNS Name":[
"api.example.com"
],
"IP Address":null
},
"lastFound":1715908545114,
"extendedValidation":false,
"sources":[
"VM",
"WAS"
]
}
]