List CertView Certificates (v2)
For information on API version, refer to the API Version History section.
v2
Use this API to retrieve certificates. You can use various filters to search the required result. You can use multiple filters and parameters. We have updated the limit for fetching the certificates.
You can see only those assets that have been assigned by your manager user. When you send an API request, you can access information about the assets and their corresponding certificates assigned to you, based on scope. For more information on tag-based user scoping refer to Certificate View Online help.
If you need to fetch certificate search results that exceed 10000 certificates, you can use this v2 version of List CertView Certificate API. The response contains certificate details, including associated host information and SSL/TLS related vulnerabilities and grades.
Input ParametersInput Parameters
|
Parameter |
Mandatory/Optional |
Data Type |
Description |
|---|---|---|---|
|
filter |
Optional |
String |
Filter the events list by providing a query using Qualys syntax. If you do not provide filter parameter, it shows details of all the certificates. For the list of tokens you can use to build the query refer to Search tokens and supported format. |
|
pageNumber |
Optional |
Integer |
The page to be returned. The default value is zero. |
|
pageSize |
Optional |
Integer |
Provide the number of records per page to be included in the response. Default: 10 Maximum: 200 For example, the total result set is 50 assets. If the page size is specified as 10, then the result is divided in 5 pages with 10 assets each. |
|
includes |
Optional |
String |
Includes the specified parameters in the response For example- ASSET_INTERFACES, VULNERABILITIES, SSL_PROTOCOLS, CIPHER_SUITES, ASSET_TAGS, EXTENSIVE_CERTIFICATE_INFO |
|
excludeFields |
Optional |
String |
Exclude the specified parameters from the response.
Note: You can exclude multiple fields in the same query by using comma-separated field names. For more details, refer to the the Compatible tokens, date formats and supported operators |
|
Authorization |
Mandatory |
String |
Authorization token to authenticate to the Qualys Cloud Platform. Prepend token with "Bearer" and one space. For example - Bearer authToken |
Notes: While creating your query, ensure the following:
-
The value field can not be empty when the comparison operator is other than IS_EMPTY and IS_NOT_EMPTY
-
There can not be more than 1000 values provided (in csv format) when operator is IN
-
CONTAINS operator does not work with field of type Date, Boolean and IP Address
-
GREATER, LESSER , GREATER_THAN_EQUAL and LESS_THAN_EQUAL do not work with Boolean, string and IP address.
Sample with a Single Filter and a ParameterSample with a Single Filter and a Parameter
The following sample request specifies page size as 10 and filter as certificate.id and includes the parameter as ASSET_INTERFACES in the request. The request fetches all certificates related to this query. The response has certificate details and related asset and instance summary.
API Request
curl -X POST
'<qualys_base_url>/certview/v2/certificates' -H 'Accept: application/json' -H 'Content-Type: application/json' -d '{\"filter\":{\"filters\":[{\"field\":\"certificate.id\",\"value\":\"string\",\"operator\":\"IS_NOT_EMPTY\"}],\"operation\":\"AND\"},\"pageNumber\":0,\"pageSize\":10,\"includes\":[\"ASSET_INTERFACES\"]}" -H 'Authorization: Bearer <JWT Token>'
Response
[
{
"id": 30029,
"certhash": "192a86240c5ec5d87dd108f17e2543e78439101f193c99c53193f60d115b885d",
"keySize": 2048,
"serialNumber": "05e2ad055846148575bc6476367916b7",
"validToDate": "2024-02-13T23:59:59.000+00:00",
"validTo": 1707868799000,
"validFromDate": "2023-02-13T00:00:00.000+00:00",
"validFrom": 1676246400000,
"signatureAlgorithm": "SHA256withRSA",
"extendedValidation": true,
"createdDate": "2023-03-29T11:16:15.000+00:00",
"dn": "CN=www.qualys.com, O=\"Qualys, Inc.\", L=Foster City,
ST=California, C=US, serialNumber=3152140, businessCategory=Private
Organization, StateOrProvince=Delaware, CountryName=US","subject": {
"organization": "Qualys, Inc.",
"locality": "Foster City",
"name": "www.qualys.com",
"state": "California",
"country": "US",
"organizationUnit": []
},
"updateDate": "2023-03-31T10:01:05.000+00:00",
"lastFound": 1680256865000,
"imported": false,
"selfSigned": false,
"issuer": {
"organization": "DigiCert Inc",
"organizationUnit": [
"www.digicert.com"
],
"name": "DigiCert SHA2 Extended Validation Server CA",
"country": "US",
"state": "",
"certhash": "403e062a2653059113285baf80a0d4ae422c848c9f78fad01fc94bc5b87fef1a",
"locality": ""
},
"rootissuer": {
"organization": "DigiCert Inc",
"organizationUnit": [
"www.digicert.com"
],
"name": "DigiCert High Assurance EV Root CA",
"country": "US",
"state": "",
"certhash": "7431e5f4c3c1ce4690774f0b61e05440883ba9a01ed00ba6abd7806ed3b118cf",
"locality": ""
},
"issuerCategory": "DigiCert SHA2 Extended Validation Server CA",
"instanceCount": 2,
"assetCount": 2,
"sources": [
"VM",
"QAGENT"
],
"assets": [
{
"id": 21045704,
"uuid": "646c7aa5-cfdc-4294-bea7-xxxxxac03f4",
"netbiosName": "",
"name": "www.qualys.com",
"operatingSystem": "NetScaler",
"hostInstances": [
{
"id": 6404,
"port": 443,
"fqdn": "",
"protocol": "tcp",
"service": "http",
"grade": "A"
}
],
"primaryIp": "64.39.xx.xxx"
},
{
"id": 17785749,
"uuid": "99fxxxxx-4c11-49e1-8898-82e9982b0710",
"netbiosName": "",
"name": "qualys.com",
"operatingSystem": "NetScaler",
"hostInstances": [
{
"id": 6442,
"port": 443,
"fqdn": "",
"protocol": "tcp",
"service": "http",
"grade": "A"
}
],
"assetInterfaces": [
{
"hostname": "qualys.com",
"address": "64.39.xx.xxx"
}
],
"primaryIp": "64.39.xx.xxx"
}
]
}
]
Sample with Multiple Filters and Multiple ParametersSample with Multiple Filters and Multiple Parameters
The following sample request specifies page size as 10 and two filters as certificate.id , certificate.hash and includes the parameters as ASSET_INTERFACES and ASETS_TAGS in the request; the request fetches all certificates related to this query. The response has certificate details and related asset and instance summary.
API Request
curl -X POST
"<qualys_base_url>/certview/v2/certificates" -H "Accept: application/json" -H "Content-Type: application/json" -d {\"filter\":{\"filters\":[{\"field\":\"certificate.id\",\"value\":\"string\",\"operator\":\"IS_NOT_EMPTY\"},{\"field\":\"certificate.certhash\",\"value\":\"466dc3a5d7e15c4c4d518eb910f92c968e26f6d0f00dd77df04c2b4a163ec71e\",\"operator\":\"EQUALS\"}],\"operation\":\"AND\"},\"pageNumber\":0,\"pageSize\":10,\"includes\":[\"ASSET_INTERFACES\",\"ASSET_TAGS\"]}" -H "Authorization: Bearer <JWT Token>"
Response
[
{
"id": 30029,
"certhash": "192a86240c5ec5d87dd108f17e2543e78439101f193c99c53193f60d115b885d",
"keySize": 2048,
"serialNumber": "05e2ad055846148575bc6476367916b7",
"validToDate": "2024-02-13T23:59:59.000+00:00",
"validTo": 1707868799000,
"validFromDate": "2023-02-13T00:00:00.000+00:00",
"validFrom": 1676246400000,
"signatureAlgorithm": "SHA256withRSA",
"extendedValidation": true,
"createdDate": "2023-03-29T11:16:15.000+00:00",
"dn": "CN=www.qualys.com, O=\"Qualys, Inc.\", L=Foster City,
ST=California, C=US, serialNumber=3152140, businessCategory=Private
Organization, StateOrProvince=Delaware, CountryName=US","subject": {
"organization": "Qualys, Inc.",
"locality": "Foster City",
"name": "www.qualys.com",
"state": "California",
"country": "US",
"organizationUnit": []
},
"updateDate": "2023-03-31T10:01:05.000+00:00",
"lastFound": 1680256865000,
"imported": false,
"selfSigned": false,
"issuer": {
"organization": "DigiCert Inc",
"organizationUnit": [
"www.digicert.com"
],
"name": "DigiCert SHA2 Extended Validation Server CA",
"country": "US",
"state": "",
"certhash": "403e062a2653059113285baf80a0d4ae422c848c9f78fad01fc94bc5b87fef1a",
"locality": ""
},
"rootissuer": {
"organization": "DigiCert Inc",
"organizationUnit": [
"www.digicert.com"
],
"name": "DigiCert High Assurance EV Root CA",
"country": "US",
"state": "",
"certhash": "7431e5f4c3c1ce4690774f0b61e05440883ba9a01ed00ba6abd7806ed3b118cf",
"locality": ""
},
"issuerCategory": "DigiCert SHA2 Extended Validation Server CA",
"instanceCount": 2,
"assetCount": 2,
"sources": [
"VM",
"QAGENT"
],
"assets": [
{
"id": 21045704,
"uuid": "646c7aa5-cfdc-4294-bea7-d43664ac03f4",
"netbiosName": "",
"name": "www.qualys.com",
"operatingSystem": "NetScaler",
"hostInstances": [
{
"id": 6404,
"port": 443,
"fqdn": "",
"protocol": "tcp",
"service": "http",
"grade": "A"
}
],
"primaryIp": "64.39.xx.xxx"
},
{
"id": 17785749,
"uuid": "99f29795-4c11-49e1-8898-82e9982b0710",
"netbiosName": "",
"name": "qualys.com",
"operatingSystem": "NetScaler",
"hostInstances": [
{
"id": 6442,
"port": 443,
"fqdn": "",
"protocol": "tcp",
"service": "http",
"grade": "A"
}
],
"assetInterfaces": [
{
"hostname": "qualys.com",
"address": "64.39.xx.xxx"
}
],
"primaryIp": "64.39.xx.xxx"
}
]
}
]
Sample with a Single Filter and a Parameter as DateSample with a Single Filter and a Parameter as Date
The following sample request specifies filter as certificate.validFromDate and includes the parameter as date in the request. The request fetches all certificates related to this query. The response has certificate details and related asset and instance summary.
API Request
curl -X POST
"<qualys_base_url>/certview/v2/certificates" -H "accept: application/json" -H ""Content-Type: application/json" -d "{\"filter\":{\"filters\":[{\"field\":\"certificate.validFromDate\",\"value\":\"2022-09-22 00:00:00\",\"operator\":\"GREATER_THAN_EQUAL\"}],\"operation\":\"AND\"},\"pageNumber\":0,\"pageSize\":1,\"includes\":[\"ASSET_INTERFACES\"]}" -H "Authorization: Bearer <JWT Token>"
Response
[
{
"id": 30029,
"certhash": "192a86240c5ec5d87dd108f17e2543e78439101f193c99c53193f60d115b885d",
"keySize": 2048,
"serialNumber": "05e2ad055846148575bc6476367916b7",
"validToDate": "2024-02-13T23:59:59.000+00:00",
"validTo": 1707868799000,
"validFromDate": "2023-02-13T00:00:00.000+00:00",
"validFrom": 1676246400000,
"signatureAlgorithm": "SHA256withRSA",
"extendedValidation": true,
"createdDate": "2023-03-29T11:16:15.000+00:00",
"dn": "CN=www.qualys.com, O=\"Qualys, Inc.\", L=Foster
City, ST=California, C=US, serialNumber=3152140,
businessCategory=Private Organization, StateOrProvince=Delaware,
CountryName=US","subject": {
"organization": "Qualys, Inc.",
"locality": "Foster City",
"name": "www.qualys.com",
"state": "California",
"country": "US",
"organizationUnit": []
},
"updateDate": "2023-03-31T10:01:05.000+00:00",
"lastFound": 1680256865000,
"imported": false,
"selfSigned": false,
"issuer": {
"organization": "DigiCert Inc",
"organizationUnit": [
"www.digicert.com"
],
"name": "DigiCert SHA2 Extended Validation Server CA",
"country": "US",
"state": "",
"certhash": "403e062a2653059113285baf80a0d4ae422c848c9f78fad01fc94bc5b87fef1a",
"locality": ""
},
"rootissuer": {
"organization": "DigiCert Inc",
"organizationUnit": [
"www.digicert.com"
],
"name": "DigiCert High Assurance EV Root CA",
"country": "US",
"state": "",
"certhash": "7431e5f4c3c1ce4690774f0b61e05440883ba9a01ed00ba6abd7806ed3b118cf",
"locality": ""
},
"issuerCategory": "DigiCert SHA2 Extended Validation Server
CA","instanceCount": 2,
"assetCount": 2,
"sources": [
"VM",
"QAGENT"
],
"assets": [
{
"id": 21045704,
"uuid": "646c7aa5-cfdc-4294-bea7-d43664ac03f4",
"netbiosName": "",
"name": "www.qualys.com",
"operatingSystem": "NetScaler",
"hostInstances": [
{
"id": 6404,
"port": 443,
"fqdn": "",
"protocol": "tcp",
"service": "http",
"grade": "A"
}
],
"primaryIp": "64.39.xx.xxx"
},
{
"id": 17785749,
"uuid": "99f29795-4c11-49e1-8898-82e9982b0710",
"netbiosName": "",
"name": "qualys.com",
"operatingSystem": "NetScaler",
"hostInstances": [
{
"id": 6442,
"port": 443,
"fqdn": "",
"protocol": "tcp",
"service": "http",
"grade": "A"
}
],
"assetInterfaces": [
{
"hostname": "qualys.com",
"address": "64.39.xx.xxx"
}
],
"primaryIp": "64.39.xx.xxx"
}
]
}
]
Sample with a Single Exclude FilterSample with a Single Exclude Filter
The following sample request specifies page size as 10 and filter as certificate.id and includes the parameter as ASSET_INTERFACES and exclude field parameter as certificate.subject the request. The request fetches all certificates related to this query. The response has certificate details and related asset and instance summary but excludes certificate subject field.
API request
curl -X 'POST'
"<qualys_base_url>/certview/v2/certificates' \
-H 'accept: application/json'-H 'Authorization: Bearer \
-H 'Content-Type: application/json' -d '{"filter": {
"filters": [{"field": "certificate.id","value": "6677", "operator": "CONTAINS"}],"operation": "AND"},"pageNumber": 0, "pageSize": 10,"includes": ["ASSET_INTERFACES"],"excludeFields": "certificate.subject"}"
Response
[
{
"id": 30029,
"certhash": "192a86240c5ec5d87dd108f17e2543e78439101f193c99c53193f60d115b885d",
"keySize": 2048,
"serialNumber": "05e2ad055846148575bc6476367916b7",
"validToDate": "2024-02-13T23:59:59.000+00:00",
"validTo": 1707868799000,
"validFromDate": "2023-02-13T00:00:00.000+00:00",
"validFrom": 1676246400000,
"signatureAlgorithm": "SHA256withRSA",
"extendedValidation": true,
"createdDate": "2023-03-29T11:16:15.000+00:00",
"dn": "CN=www.qualys.com, O=\"Qualys, Inc.\", L=Foster City,
ST=California, C=US, serialNumber=3152140, businessCategory=Private
Organization, StateOrProvince=Delaware, CountryName=US","subject": {
"organization": "Qualys, Inc.",
"locality": "Foster City",
"name": "www.qualys.com",
"state": "California",
"country": "US",
"organizationUnit": []
},
"updateDate": "2023-03-31T10:01:05.000+00:00",
"lastFound": 1680256865000,
"imported": false,
"selfSigned": false,
"issuer": {
"organization": "DigiCert Inc",
"organizationUnit": [
"www.digicert.com"
],
"name": "DigiCert SHA2 Extended Validation Server CA",
"country": "US",
"state": "",
"locality": ""
},
"rootissuer": {
"organization": "DigiCert Inc",
"organizationUnit": [
"www.digicert.com"
],
"name": "DigiCert High Assurance EV Root CA",
"country": "US",
"state": "",
"certhash": "7431e5f4c3c1ce4690774f0b61e05440883ba9a01ed00ba6abd7806ed3b118cf",
"locality": ""
},
"issuerCategory": "DigiCert SHA2 Extended Validation Server CA",
"instanceCount": 2,
"assetCount": 2,
"sources": [
"VM",
"QAGENT"
],
"assets": [
{
"id": 21045704,
"uuid": "646c7aa5-cfdc-4294-bea7-d43664ac03f4",
"netbiosName": "",
"operatingSystem": "NetScaler",
"hostInstances": [
{
"id": 6404,
"port": 443,
"fqdn": "",
"protocol": "tcp",
"service": "http",
"grade": "A"
}
],
"primaryIp": "64.39.xx.xxx"
},
{
"id": 17785749,
"uuid": "99f29795-4c11-49e1-8898-82e9982b0710",
"netbiosName": "",
"operatingSystem": "NetScaler",
"hostInstances": [
{
"id": 6442,
"port": 443,
"fqdn": "",
"protocol": "tcp",
"service": "http",
"grade": "A"
}
],
"assetInterfaces": [
{
"hostname": "qualys.com",
"address": "64.39.xx.xxx"
}
],
"primaryIp": "64.39.xx.xxx"
}
]
}
]
Sample for Certificate Details for Assets Detected by WASSample for Certificate Details for Assets Detected by WAS
API Request
curl -X 'POST'
'<qualys_base_url>/certview/v2/certificates'
-H 'accept: application/json'
-H 'Bearer <JWT Token>'
-H 'Content-Type: application/json'
-d'{
"filter": {
"filters": [
{
"field":"asset.wasUrl",
"value":"https://api.example.com",
"operator": "CONTAINS"
},
{
"field":"certificate.type",
"value":"Leaf",
"operator": "EQUALS"
}
],
"operation": "AND"
},
"pageNumber": 0,
"pageSize": 10,
"includes": [
"ASSET_INTERFACES"
],
"assetType": "ALL"
}'
Response
[
{
"id":461017,
"certhash":"6613xxx30cf5ddcccfdxxxxx44f9b332a9ae0b4304xxxxx646f7bc7xxxxx5bd",
"keySize":2048,
"serialNumber":"0280377f8746af438fc99a2ed4127db5",
"validToDate":"2024-09-13T23:59:59.000+00:00",
"validTo":1726271999000,
"validFromDate":"2023-09-14T00:00:00.000+00:00",
"validFrom":1694649600000,
"signatureAlgorithm":"SHA256withRSA",
"extendedValidation":false,
"createdDate":"2024-05-17T00:42:02.000+00:00",
"dn":"CN=api.example.com, O=\"Qualys, Inc.\", L=Foster City,
ST=California, C=US",
"subject":{
"organization":"Qualys, Inc.",
"locality":"Foster City",
"name":"api.example.com",
"state":"California",
"country":"US",
"organizationUnit":[
]
},
"updateDate":"2024-05-17T01:15:46.000+00:00",
"lastFound":1715908546000,
"imported":false,
"selfSigned":false,
"type":"Leaf" "issuer":{
"organization":"DigiCert Inc",
"organizationUnit":[
],
"name":"DigiCert Global G2 TLS RSA SHA256 2020 CA1",
"country":"US",
"state":"",
"certhash":"c8025f9fc65fdfc95b3ca8cc7867b9a587b5277973957917463fc813d0b625a9",
"locality":""
},
"rootissuer":{
"organization":"DigiCert Inc",
"organizationUnit":[
"www.digicert.com"
],
"name":"DigiCert Global Root G2",
"country":"US",
"state":"",
"certhash":"cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f",
"locality":""
},
"issuerCategory":"unapproved",
"instanceCount":1,
"assetCount":1,
"sources":[
"WAS"
],
"assets":[
{
"id":44361432,
"uuid":"9c07ae8b-c051-4b9d-8a2d-21075c812658",
"netbiosName":"",
"name":"api.example.com",
"operatingSystem":"",
"hostInstances":[
{
"id":1253151,
"port":443,
"fqdn":"",
"protocol":"tcp",
"grade":"C"
}
],
"wasUrl":"https://api.example.com"
}
]
}
]Sample for Certificate Details Based on Certificate TypeSample for Certificate Details Based on Certificate Type
API Request
curl -X 'POST' '<qualys_base_url>/certview/v1/certificates' -H 'accept: application/json' -H 'Bearer <JWT Token>' -H 'Content-Type: application/json' -d '{ "filter": { "filters": [ {"field":"certificate.type", "value":"root", "operator": "EQUALS" } ], "operation": "AND" }, "pageNumber": 0, "pageSize": 10, "includes": [ "ASSET_INTERFACES" ], "assetType": "MANAGED" }
Response
[
{
"id": 428871,
"certhash": "cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f",
"keySize": 2048,
"serialNumber": "033af1e6a711a9a0bb2864b11d09fae5",
"validToDate": "2038-01-15T12:00:00.000+00:00",
"validTo": 2147169600000,
"validFromDate": "2013-08-01T12:00:00.000+00:00",
"validFrom": 1375358400000,
"signatureAlgorithm": "SHA256withRSA",
"extendedValidation": false,
"createdDate": "2024-04-26T13:27:01.000+00:00",
"dn": "CN=DigiCert Global Root G2, OU=www.digicert.com, O=DigiCert Inc, C=US",
"subject": {
"organization": "DigiCert Inc",
"locality": "",
"name": "DigiCert Global Root G2",
"state": "",
"country": "US",
"organizationUnit": [
"www.digicert.com"
]
},
"imported": false,
"selfSigned": true,
"issuer": {
"organization": "DigiCert Inc",
"organizationUnit": [
"www.digicert.com"
],
"name": "DigiCert Global Root G2",
"country": "US",
"state": "",
"certhash": "",
"locality": ""
},
"issuerCategory": "Self-Signed",
"instanceCount": 1,
"assetCount": 1,
"sources": [
"EASM"
],
"assets": [
{
"id": 45744081,
"uuid": "41981844-78b7-46ad-9f48-a13c951560f3",
"netbiosName": "",
"name": "64-39-96-133.bogus.tld",
"operatingSystem": "CentOS 6.10",
"hostInstances": [
{
"id": 21714433,
"port": 443,
"fqdn": "",
"protocol": "tcp",
"service": "https",
"grade": "N/A"
}
],
"assetInterfaces": [
{
"hostname": "www.qualys.com",
"address": "64.39.xx.xx"
}
],
"primaryIp": "64.39.xx.xx"
}
],
"type": "Root"
},
{
"id": 1013608,
"certhash": "a3ac53581e043271878a12124c36660a443321e5a68418c3bc56dab9b1a4d674",
"keySize": 2048,
"serialNumber": "11",
"validToDate": "2031-11-10T00:00:00.000+00:00",
"validTo": 1952035200000,
"validFromDate": "2006-11-10T00:00:00.000+00:00",
"validFrom": 1163116800000,
"signatureAlgorithm": "SHA1withRSA",
"extendedValidation": false,
"createdDate": "2024-06-18T11:35:20.000+00:00",
"dn": "CN=DigiCert Test Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US",
"subject": {
"organization": "DigiCert Inc",
"locality": "",
"name": "DigiCert Test Root CA",
"state": "",
"country": "US",
"organizationUnit": [
"www.digicert.com"
]
},
"updateDate": "2024-11-25T05:43:54.000+00:00",
"lastFound": 1732513434000,
"imported": true,
"selfSigned": true,
"issuer": {
"organization": "DigiCert Inc",
"organizationUnit": [
"www.digicert.com"
],
"name": "DigiCert Test Root CA",
"country": "US",
"state": "",
"certhash": "",
"locality": ""
},
"issuerCategory": "Self-Signed",
"instanceCount": 1,
"assetCount": 1,
"sources": [
"VM"
],
"assets": [
{
"id": 45142220,
"uuid": "8af91982-de8c-43a8-8596-dc962b241993",
"netbiosName": "ADCONNECT-01",
"name": "10.113.xx.xx",
"operatingSystem": "EulerOS / SuSE Linux / Scientific Linux",
"hostInstances": [
{
"id": 21677262,
"port": 443,
"fqdn": "",
"protocol": "tcp",
"service": "https",
"grade": "T"
}
],
"assetInterfaces": [
{
"hostname": "adconnect-0.example.com",
"address": "10.113.xxx.xx"
}
],
"primaryIp": "10.113.xx.xx"
}
],
"type": "Root"
},
{
"id": 1163514,
"certhash": "2a1d95f5530c489c25bb90013939d1bfde7eeb3a5067c2ef281f21ea927873db",
"keySize": 4096,
"serialNumber": "0ff7e84388dee15f30786a7a3caa321cc44d584e",
"validToDate": "2046-12-31T18:07:25.000+00:00",
"validTo": 2429892445000,
"validFromDate": "2022-01-06T18:07:26.000+00:00",
"validFrom": 1641492446000,
"signatureAlgorithm": "SHA256withRSA",
"extendedValidation": false,
"createdDate": "2024-06-25T06:46:10.000+00:00",
"dn": "CN=Qualys Root CA - G1, OU=Operations, O=\"Qualys, Inc.\", C=US",
"subject": {
"organization": "Qualys, Inc.",
"locality": "",
"name": "Qualys Root CA - G1",
"state": "",
"country": "US",
"organizationUnit": [
"Operations"
]
},
"updateDate": "2024-11-28T03:42:43.000+00:00",
"lastFound": 1732765363000,
"imported": false,
"selfSigned": true,
"issuer": {
"organization": "Qualys, Inc.",
"organizationUnit": [
"Operations"
],
"name": "Qualys Root CA - G1",
"country": "US",
"state": "",
"certhash": "",
"locality": ""
},
"issuerCategory": "Self-Signed",
"instanceCount": 3,
"assetCount": 3,
"sources": [
"VM"
],
"assets": [
{
"id": 50893291,
"uuid": "734e2060-a866-4350-bfee-109adf41c9c8",
"netbiosName": "",
"name": "qconsul.example.qualys.com",
"operatingSystem": "Citrix NetScaler",
"hostInstances": [
{
"id": 21707193,
"port": 443,
"fqdn": "",
"protocol": "tcp",
"service": "https",
"grade": "T"
}
],
"assetInterfaces": [
{
"hostname": "qconsul.example.qualys.com",
"address": "10.44.xx.xx"
}
],
"primaryIp": "10.44.xx.xx"
},
{
"id": 50909086,
"uuid": "1a8265d7-62e4-4663-9fcc-dbe81c0c56cf",
"netbiosName": "",
"name": "qualysguard.example.qualys.com",
"operatingSystem": "Citrix NetScaler",
"hostInstances": [
{
"id": 21677254,
"port": 443,
"fqdn": "",
"protocol": "tcp",
"service": "https",
"grade": "T"
}
],
"assetInterfaces": [
{
"hostname": "qualysguard.example.qualys.com",
"address": "10.44.xx.xx"
}
],
"primaryIp": "10.44.1.66"
},
{
"id": 45196504,
"uuid": "54d357ad-7616-4494-96ae-3a27b1cd08b7",
"netbiosName": "",
"name": "qvault.example.qualys.com",
"operatingSystem": "Citrix NetScaler",
"hostInstances": [
{
"id": 21707197,
"port": 443,
"fqdn": "",
"protocol": "tcp",
"service": "https",
"grade": "T"
}
],
"assetInterfaces": [
{
"hostname": "qvault.example.qualys.com",
"address": "10.44.xx.xx"
}
],
"primaryIp": "10.44.xx.xx"
}
],
"type": "Root"
}
]Sample to get the details of all the assets excluding Shodan tag Sample to get the details of all the assets excluding Shodan tag
API Request
curl -X 'POST'
'<qualys_base_url>/certview/v2/certificates'
-H 'accept: application/json'
-H 'Authorization: Bearer <JWT Token>
-H 'Content-Type: application/json'
-d'{
"filter": {
"filters": [
{ "field": "asset.tagName", "value": "Shodan", "operator": "NOT_EQUALS" }
,
{ "field": "certificate.serialNumber", "value": "00d193aa9a645420da", "operator": "EQUALS" }
],
"operation": "AND"
},
"pageNumber": 0,
"pageSize": 10,
"includes": [
"ASSET_INTERFACES"
],
"assetType": "MANAGED"
}'
Response
[
{
"id":8366,
"certhash":"13a8cc24ef5f994ea86e190a98d36b435966d43e8001523b63f0c439091b8aa0",
"keySize":1024,
"serialNumber":"00d193aa9a645420da",
"validToDate":"2019-06-27T12:56:00.000+00:00",
"validTo":1561640160000,
"validFromDate":"2018-12-09T12:56:00.000+00:00",
"validFrom":1544360160000,
"signatureAlgorithm":"SHA256withRSA",
"extendedValidation":false,
"createdDate":"2019-03-01T06:55:33.000+00:00",
"dn":"CN=certificate-view.qualys-test.com, O=Qualys-Test, L=Foster City, ST=California, C=US",
"subject":{
"organization":"Qualys-Test",
"locality":"Foster City",
"name":"certificate-view.qualys-test.com",
"state":"California",
"country":"US",
"organizationUnit":[
]
},
"updateDate":"2019-03-01T06:55:33.000+00:00",
"lastFound":1551423333000,
"imported":true,
"selfSigned":true,
"issuer":{
"organization":"Qualys-Test",
"organizationUnit":[
],
"name":"certificate-view.qualys-test.com",
"country":"US",
"state":"California",
"certhash":"",
"locality":"Foster City"
},
"issuerCategory":"Self-Signed",
"orderStatus":"Rejected",
"instanceCount":0,
"assetCount":0,
"type":"Leaf",
"publicKeyAlgorithm":"",
"revocationStatus":"Scan Pending"
}
]
v2.1
Use this API to retrieve certificates. You can use various filters to search the required result. You can use multiple filters and parameters. We have updated the limit for fetching the certificates.
You can see only those assets that have been assigned by your manager user. When you send an API request, you can access information about the assets and their corresponding certificates assigned to you, based on scope. For more information on tag-based user scoping refer to Certificate View Online help.
If you need to fetch certificate search results that exceed 10000 certificates, you can use this v2 version of List CertView Certificate API. The response contains certificate details, including associated host information and SSL/TLS related vulnerabilities and grades.
The API response of this new version of API features an important new field that specifies the key algorithm in use, such as RSA or ECC, as well as the key size, including options like 256, 384, 512, and 768. This helps in identifying whether they are using RSA or ECC keys. You can use certificate.publicKeyAlgorithm as a filter value to get the response based on the key algorithm used.
Input ParametersInput Parameters
|
Parameter |
Mandatory/Optional |
Data Type |
Description |
|---|---|---|---|
|
filter |
Optional |
String |
Filter the events list by providing a query using Qualys syntax. If you do not provide filter parameter, it shows details of all the certificates. For the list of tokens you can use to build the query refer to Search tokens and supported format. |
|
pageNumber |
Optional |
Integer |
The page to be returned. The default value is zero. |
|
pageSize |
Optional |
Integer |
Provide the number of records per page to be included in the response. Default: 10 Maximum: 200 For example, the total result set is 50 assets. If the page size is specified as 10, then the result is divided in 5 pages with 10 assets each. |
|
includes |
Optional |
String |
Includes the specified parameters in the response For example- ASSET_INTERFACES, VULNERABILITIES, SSL_PROTOCOLS, CIPHER_SUITES, ASSET_TAGS, EXTENSIVE_CERTIFICATE_INFO |
|
excludeFields |
Optional |
String |
Exclude the specified parameters from the response.
Note: You can exclude multiple fields in the same query by using comma-separated field names. For more details, refer to the the Compatible tokens, date formats and supported operators |
|
Authorization |
Mandatory |
String |
Authorization token to authenticate to the Qualys Cloud Platform. Prepend token with "Bearer" and one space. For example - Bearer authToken |
Notes: While creating your query, ensure the following:
-
Value field can not be empty when the comparison operator is other than IS_EMPTY and IS_NOT_EMPTY
-
There can not be more than 1000 values provided (in csv format) when operator is IN
-
CONTAINS operator does not work with field of type Date, Boolean and IP Address
-
GREATER, LESSER , GREATER_THAN_EQUAL and LESS_THAN_EQUAL do not work with Boolean, string and IP address.
Sample shows request and response using certificate.publicKeyAlgorithma filter valueSample shows request and response using certificate.publicKeyAlgorithma filter value
API Request
curl -X 'POST'
'<qualys_base_url>/certview/v2.1/certificates'
-H 'accept: application/json'
-H 'Authorization: Bearer <JWT Token>
-H 'Content-Type: application/json'
-d' {
"filter": {
"filters": [
{
"field": "certificate.publicKeyAlgorithm",
"value": "RSA",
"operator": "EQUALS"
}
],
"operation": "AND"
},
"pageNumber": 0,
"pageSize": 10,
"includes": [
"ASSET_INTERFACES"
],
"assetType": "MANAGED"
}'
Response
[
{
"id": 2163312,
"certhash": "6dca79243d2c31796050ebcfa6bc251f28f1805dd6528149d55e6ced047a6c47",
"keySize": 2048,
"serialNumber": "01434c80ea24163a54663a1a7c729492",
"validToDate": "2025-09-03T23:59:59.000+00:00",
"validTo": 1756943999000,
"validFromDate": "2024-09-04T00:00:00.000+00:00",
"validFrom": 1725408000000,
"signatureAlgorithm": "SHA256withRSA",
"extendedValidation": false,
"createdDate": "2024-09-17T05:18:00.000+00:00",
"dn": "CN=example.qualys.com, O=\"Qualys, Inc.\", L=Foster City, ST=California, C=US",
"subject": {
"organization": "Qualys, Inc.",
"locality": "Foster City",
"name": "example.qualys.com",
"state": "California",
"country": "US",
"organizationUnit": []
},
"updateDate": "2025-05-05T07:22:56.000+00:00",
"lastFound": 1746429776000,
"imported": false,
"selfSigned": false,
"issuer": {
"organization": "DigiCert Inc",
"organizationUnit": [],
"name": "DigiCert Global G2 TLS RSA SHA256 2020 CA1",
"country": "US",
"state": "",
"certhash": "c8025f9fc65fdfc95b3ca8cc7867b9a587b5277973957917463fc813d0b625a9",
"locality": ""
},
"rootissuer": {
"organization": "DigiCert Inc",
"organizationUnit": [
"www.digicert.com"
],
"name": "DigiCert Global Root G2",
"country": "US",
"state": "",
"certhash": "cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f",
"locality": ""
},
"issuerCategory": "unapproved",
"instanceCount": 1,
"assetCount": 1,
"sources": [
"VM"
],
"assets": [
{
"id": 45197700,
"uuid": "8ae40c50-40d7-446d-a815-1dad55e496c2",
"netbiosName": "",
"name": "example.qualys.com",
"operatingSystem": "Tandberg Device / CentOS",
"hostInstances": [
{
"id": 27823184,
"port": 443,
"fqdn": "",
"protocol": "tcp",
"service": "https",
"grade": "A+"
}
],
"assetInterfaces": [
{
"hostname": "example.qualys.com",
"address": "10.xx.xxx.xx"
}
],
"primaryIp": "10.xx.xxx.xx"
}
],
"type": "Leaf",
"publicKeyAlgorithm": "RSA"
},
{
"id": 2446837,
"certhash": "a7183d7adc8cff9eb492232dc42c134c5c2cf55ab3c907ec6697b05ca2199686",
"keySize": 2048,
"serialNumber": "0aecf066456ea2411cbdf932d5aeced0",
"validToDate": "2025-09-03T23:59:59.000+00:00",
"validTo": 1756943999000,
"validFromDate": "2024-09-04T00:00:00.000+00:00",
"validFrom": 1725408000000,
"signatureAlgorithm": "SHA256withRSA",
"extendedValidation": false,
"createdDate": "2024-10-04T11:34:18.000+00:00",
"dn": "CN=example.intranet.qualys.com, O=\"Qualys, Inc.\", L=Foster City, ST=California, C=US",
"subject": {
"organization": "Qualys, Inc.",
"locality": "Foster City",
"name": "example.intranet.qualys.com",
"state": "California",
"country": "US",
"organizationUnit": []
},
"updateDate": "2025-05-13T11:00:43.000+00:00",
"lastFound": 1747134043000,
"imported": false,
"selfSigned": false,
"issuer": {
"organization": "DigiCert Inc",
"organizationUnit": [],
"name": "DigiCert Global G2 TLS RSA SHA256 2020 CA1",
"country": "US",
"state": "",
"certhash": "c8025f9fc65fdfc95b3ca8cc7867b9a587b5277973957917463fc813d0b625a9",
"locality": ""
},
"rootissuer": {
"organization": "DigiCert Inc",
"organizationUnit": [
"www.digicert.com"
],
"name": "DigiCert Global Root G2",
"country": "US",
"state": "",
"certhash": "cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f",
"locality": ""
},
"issuerCategory": "unapproved",
"instanceCount": 1,
"assetCount": 1,
"sources": [
"VM"
],
"assets": [
{
"id": 44276804,
"uuid": "6ef04d50-2930-47be-a4b1-9b4d3c4a3ac7",
"netbiosName": "",
"name": "example.intranet.qualys.com",
"operatingSystem": "Tandberg Device / CentOS",
"hostInstances": [
{
"id": 21361190,
"port": 443,
"fqdn": "",
"protocol": "tcp",
"service": "https",
"grade": "A-"
}
],
"assetInterfaces": [
{
"hostname": "example.intranet.qualys.com",
"address": "10.xx.xxx.xx"
}
],
"primaryIp": "10.xx.xxx.xx"
}
],
"type": "Leaf",
"publicKeyAlgorithm": "RSA"
},
{
"id": 2548277,
"certhash": "4da40702a78418deaa09697a4c80e650a5fe088000644f0439289920a7cb72d2",
"keySize": 2048,
"serialNumber": "0deaf9b469fdce8198cd6c9e1bb87d10",
"validToDate": "2025-12-17T23:59:59.000+00:00",
"validTo": 1766015999000,
"validFromDate": "2024-12-18T00:00:00.000+00:00",
"validFrom": 1734480000000,
"signatureAlgorithm": "SHA256withRSA",
"extendedValidation": false,
"createdDate": "2025-01-02T14:24:43.000+00:00",
"dn": "CN=www.qualys.com, O=\"Qualys, Inc.\", L=Foster City, ST=California, C=US, serialNumber=3152140, businessCategory=Private Organization, StateOrProvince=Delaware, CountryName=US",
"subject": {
"organization": "Qualys, Inc.",
"locality": "Foster City",
"name": "www.qualys.com",
"state": "California",
"country": "US",
"organizationUnit": []
},
"updateDate": "2025-05-13T11:18:01.000+00:00",
"lastFound": 1747135081000,
"imported": false,
"selfSigned": false,
"issuer": {
"organization": "DigiCert Inc",
"organizationUnit": [
"www.digicert.com"
],
"name": "DigiCert SHA2 Extended Validation Server CA",
"country": "US",
"state": "",
"certhash": "403e062a2653059113285baf80a0d4ae422c848c9f78fad01fc94bc5b87fef1a",
"locality": ""
},
"rootissuer": {
"organization": "DigiCert Inc",
"organizationUnit": [
"www.digicert.com"
],
"name": "DigiCert High Assurance EV Root CA",
"country": "US",
"state": "",
"certhash": "7431e5f4c3c1ce4690774f0b61e05440883ba9a01ed00ba6abd7806ed3b118cf",
"locality": ""
},
"issuerCategory": "unapproved",
"instanceCount": 1,
"assetCount": 1,
"sources": [
"EASM",
"VM"
],
"assets": [
{
"id": 47092745,
"uuid": "ef0d52e5-7fd6-455f-8ebe-2243311d50b6",
"netbiosName": "",
"name": "www.qualys.com",
"hostInstances": [
{
"id": 21937410,
"port": 443,
"fqdn": "",
"protocol": "tcp",
"service": "https",
"grade": "A-"
}
],
"assetInterfaces": [
{
"hostname": "www.qualys.com",
"address": "64.xx.xxx.xx"
}
],
"primaryIp": "64.xx.xxx.xx"
}
],
"type": "Leaf",
"publicKeyAlgorithm": "RSA"
},
{
"id": 3462197,
"certhash": "85304f89bc84c259fb079092e5d687fe65ac97172a67d7bcdea87c576ef9da27",
"keySize": 2048,
"serialNumber": "60c452c8620beea4477368e64308e2a1",
"validToDate": "2026-12-08T19:06:48.000+00:00",
"validTo": 1796756808000,
"validFromDate": "2024-09-09T19:06:49.000+00:00",
"validFrom": 1725908809000,
"signatureAlgorithm": "SHA256withRSA",
"extendedValidation": false,
"createdDate": "2025-03-11T06:40:49.000+00:00",
"dn": "CN=examplecom, OU=Operations and Infrastructure, O=Visa Inc., C=US, ST=Virginia, L=Ashburn",
"subject": {
"organization": "Visa Inc.",
"locality": "Ashburn",
"name": "example.visa.com",
"state": "Virginia",
"country": "US",
"organizationUnit": [
"Operations and Infrastructure"
]
},
"updateDate": "2025-03-11T06:40:49.000+00:00",
"lastFound": 1741675249000,
"imported": true,
"selfSigned": false,
"issuer": {
"organization": "Visa Inc.",
"organizationUnit": [
"Cybersecurity - Applied Crypto"
],
"name": "Visa Sandbox Issuing CA",
"country": "US",
"state": "",
"certhash": "",
"locality": ""
},
"instanceCount": 0,
"assetCount": 0,
"type": "Leaf",
"publicKeyAlgorithm": "RSA"
},
{
"id": 3465430,
"certhash": "6ff8ae4234c67b8c04488951c72ee455e7962bb4932f47f1d1b1880efdeffcfc",
"keySize": 4096,
"serialNumber": "56e4ac98392c6221d73b84be8483387bd49d9595",
"validToDate": "2026-02-21T04:33:38.000+00:00",
"validTo": 1771648418000,
"validFromDate": "2025-02-21T04:33:39.000+00:00",
"validFrom": 1740112419000,
"signatureAlgorithm": "SHA256withRSA",
"extendedValidation": false,
"createdDate": "2025-03-18T04:56:16.000+00:00",
"dn": "CN=ejbca.example.qualys.com, OU=Operations, O=\"Qualys, Inc,\b.\", L=Foster City, ST=California, C=US",
"subject": {
"organization": "Qualys, Inc,\b.",
"locality": "Foster City",
"name": "ejbca.example.qualys.com",
"state": "California",
"country": "US",
"organizationUnit": [
"Operations"
]
},
"updateDate": "2025-03-18T04:56:16.000+00:00",
"lastFound": 1742273776000,
"imported": true,
"selfSigned": false,
"issuer": {
"organization": "Qualys, Inc.",
"organizationUnit": [
"Operations"
],
"name": "Qualys Issuing CA - G1",
"country": "US",
"state": "",
"certhash": "7e6f835a32c25732283fdf1cb9bccc200d27e9f35bb754f7e402581bd8366f8b",
"locality": ""
},
"rootissuer": {
"organization": "Qualys, Inc.",
"organizationUnit": [
"Operations"
],
"name": "Qualys Root CA - G1",
"country": "US",
"state": "",
"certhash": "2a1d95f5530c489c25bb90013939d1bfde7eeb3a5067c2ef281f21ea927873db",
"locality": ""
},
"instanceCount": 0,
"assetCount": 0,
"type": "Leaf",
"publicKeyAlgorithm": "RSA"
},
{
"id": 3493465,
"certhash": "a9ab5376dab60367a977618421574cecc4092d4ff9bf4e609670afec15bac774",
"keySize": 2048,
"serialNumber": "1614efc551fa14a04a9840c6dc1338fa",
"validToDate": "2025-07-09T18:30:00.000+00:00",
"validTo": 1752085800000,
"validFromDate": "2025-01-07T18:30:00.000+00:00",
"validFrom": 1736274600000,
"signatureAlgorithm": "SHA256withRSA",
"extendedValidation": false,
"createdDate": "2025-03-28T03:35:05.000+00:00",
"dn": "CN=WIN-P8S24QHD09L",
"subject": {
"organization": "",
"locality": "",
"name": "WIN-P8S24QHD09L",
"state": "",
"country": "",
"organizationUnit": []
},
"updateDate": "2025-04-03T03:33:27.000+00:00",
"lastFound": 1743651207000,
"imported": false,
"selfSigned": true,
"issuer": {
"organization": "",
"organizationUnit": [],
"name": "WIN-P8S24QHD09L",
"country": "",
"state": "",
"certhash": "",
"locality": ""
},
"issuerCategory": "Self-Signed",
"instanceCount": 1,
"assetCount": 1,
"sources": [
"VM"
],
"assets": [
{
"id": 50293148,
"uuid": "1dc38361-34df-4646-ad59-1375da766fd8",
"netbiosName": "",
"name": "10.xx.xx.xx",
"operatingSystem": "Microsoft Windows",
"hostInstances": [
{
"id": 27843720,
"port": 3389,
"fqdn": "",
"protocol": "tcp",
"service": "ms-wbt-server",
"grade": "T"
}
],
"assetInterfaces": [
{
"hostname": null,
"address": "10.xx.xxx.xx"
}
],
"primaryIp": "10.xx.xxx.xx"
}
],
"type": "Leaf",
"publicKeyAlgorithm": "RSA"
},
{
"id": 3538844,
"certhash": "8f9db83d6e55237b861631ef9659f29c9194b0276543581452e4d3de5d80e417",
"keySize": 4096,
"serialNumber": "0b3b6bef878d9541f0416ebef82d4791",
"validToDate": "2026-03-25T23:59:59.000+00:00",
"validTo": 1774483199000,
"validFromDate": "2025-03-27T00:00:00.000+00:00",
"validFrom": 1743033600000,
"signatureAlgorithm": "SHA256withRSA",
"extendedValidation": false,
"createdDate": "2025-04-16T09:43:34.000+00:00",
"dn": "CN=abc.qualys.com, O=\"Qualys, Inc\", L=Foster City, ST=California, C=US",
"subject": {
"organization": "Qualys, Inc",
"locality": "Foster City",
"name": "abc.qualys.com",
"state": "California",
"country": "US",
"organizationUnit": []
},
"updateDate": "2025-04-16T09:43:34.000+00:00",
"lastFound": 1744796614000,
"imported": true,
"selfSigned": false,
"issuer": {
"organization": "DigiCert Inc",
"organizationUnit": [],
"name": "DigiCert Test SHA2 Intermediate CA-1",
"country": "US",
"state": "",
"certhash": "a52d05988b61a33d6ac3edb449eb47150fa5b7a26c7dfc4e61f905ca36e165ee",
"locality": ""
},
"rootissuer": {
"organization": "DigiCert Inc",
"organizationUnit": [
"www.digicert.com"
],
"name": "DigiCert Test Root CA",
"country": "US",
"state": "",
"certhash": "a3ac53581e043271878a12124c36660a443321e5a68418c3bc56dab9b1a4d674",
"locality": ""
},
"instanceCount": 0,
"assetCount": 0,
"type": "Leaf",
"publicKeyAlgorithm": "RSA"
},
{
"id": 3538845,
"certhash": "6f333b53885a1a0720733a0304f53e1ea31e5ad90be0f71bf6c7127e01b0d72a",
"keySize": 3072,
"serialNumber": "6233fb68f1cc4df01447ef492fb07a0d4db2c21b",
"validToDate": "2026-03-27T12:01:56.000+00:00",
"validTo": 1774612916000,
"validFromDate": "2025-03-27T12:01:57.000+00:00",
"validFrom": 1743076917000,
"signatureAlgorithm": "SHA256withRSA",
"extendedValidation": false,
"createdDate": "2025-04-16T09:43:34.000+00:00",
"dn": "CN=abc.com, OU=Operations, O=\"Qualys, Inc.\", L=Foster City, ST=California, C=US",
"subject": {
"organization": "Qualys, Inc.",
"locality": "Foster City",
"name": "abc.com",
"state": "California",
"country": "US",
"organizationUnit": [
"Operations"
]
},
"updateDate": "2025-04-16T09:43:34.000+00:00",
"lastFound": 1744796614000,
"imported": true,
"selfSigned": false,
"issuer": {
"organization": "Qualys, Inc.",
"organizationUnit": [
"Operations"
],
"name": "Qualys Test CA - G1",
"country": "US",
"state": "",
"certhash": "",
"locality": ""
},
"instanceCount": 0,
"assetCount": 0,
"type": "Leaf",
"publicKeyAlgorithm": "RSA"
},
{
"id": 3542049,
"certhash": "29f59ba543747af6aa8e918d9b857c95854d7c6e5d18995d0db0559cc3471278",
"keySize": 2048,
"serialNumber": "37799f32b02555874b72ff9ed8bcfcc5",
"validToDate": "2025-07-03T08:22:48.000+00:00",
"validTo": 1751530968000,
"validFromDate": "2025-01-01T08:22:48.000+00:00",
"validFrom": 1735719768000,
"signatureAlgorithm": "SHA1withRSA",
"extendedValidation": false,
"createdDate": "2025-04-24T09:29:32.000+00:00",
"dn": "CN=qw28uv4-65-163",
"subject": {
"organization": "",
"locality": "",
"name": "qw28uv4-65-163",
"state": "",
"country": "",
"organizationUnit": []
},
"updateDate": "2025-05-13T11:34:00.000+00:00",
"lastFound": 1747136040000,
"imported": false,
"selfSigned": true,
"issuer": {
"organization": "",
"organizationUnit": [],
"name": "qw28uv4-65-163",
"country": "",
"state": "",
"certhash": "",
"locality": ""
},
"issuerCategory": "Self-Signed",
"instanceCount": 1,
"assetCount": 1,
"sources": [
"VM"
],
"assets": [
{
"id": 33237439,
"uuid": "f67edd6d-f31c-43a3-96b2-e890dcb879c4",
"netbiosName": "QW28UV4-65-163",
"name": "10.xx.xx.xx",
"operatingSystem": "Microsoft Windows Server 2008 Enterprise (6.0 SP2)",
"hostInstances": [
{
"id": 28356154,
"port": 3389,
"fqdn": "",
"protocol": "tcp",
"service": "ms-wbt-server",
"grade": "T"
}
],
"assetInterfaces": [
{
"hostname": "qw28uv4-65-163",
"address": "10.xx.xxx.xx"
}
],
"primaryIp": "10.xx.xxx.xx"
}
],
"type": "Leaf",
" >publicKeyAlgorithm": "RSA "
}
]
Sample to get the details of all the assets excluding Shodan tag Sample to get the details of all the assets excluding Shodan tag
API Request
curl -X 'POST'
'<qualys_base_url>/certview/v2.1/certificates'
-H 'accept: application/json'
-H 'Authorization: Bearer <JWT Token>
-H 'Content-Type: application/json'
-d'{
"filter": {
"filters": [
{ "field": "asset.tagName", "value": "Shodan", "operator": "NOT_EQUALS" }
,
{ "field": "certificate.serialNumber", "value": "00d193aa9a645420da", "operator": "EQUALS" }
],
"operation": "AND"
},
"pageNumber": 0,
"pageSize": 10,
"includes": [
"ASSET_INTERFACES"
],
"assetType": "MANAGED"
}'
Response
[
{
"id":8366,
"certhash":"13a8cc24ef5f994ea86e190a98d36b435966d43e8001523b63f0c439091b8aa0",
"keySize":1024,
"serialNumber":"00d193aa9a645420da",
"validToDate":"2019-06-27T12:56:00.000+00:00",
"validTo":1561640160000,
"validFromDate":"2018-12-09T12:56:00.000+00:00",
"validFrom":1544360160000,
"signatureAlgorithm":"SHA256withRSA",
"extendedValidation":false,
"createdDate":"2019-03-01T06:55:33.000+00:00",
"dn":"CN=certificate-view.qualys-test.com, O=Qualys-Test, L=Foster City, ST=California, C=US",
"subject":{
"organization":"Qualys-Test",
"locality":"Foster City",
"name":"certificate-view.qualys-test.com",
"state":"California",
"country":"US",
"organizationUnit":[
]
},
"updateDate":"2019-03-01T06:55:33.000+00:00",
"lastFound":1551423333000,
"imported":true,
"selfSigned":true,
"issuer":{
"organization":"Qualys-Test",
"organizationUnit":[
],
"name":"certificate-view.qualys-test.com",
"country":"US",
"state":"California",
"certhash":"",
"locality":"Foster City"
},
"issuerCategory":"Self-Signed",
"orderStatus":"Rejected",
"instanceCount":0,
"assetCount":0,
"type":"Leaf",
"publicKeyAlgorithm":"",
"revocationStatus":"Scan Pending"
}
]
v2.2
Use this API to retrieve certificates. You can use various filters to search the required result. You can use multiple filters and parameters. We have updated the limit for fetching the certificates.
You can see only those assets that have been assigned by your manager user. When you send an API request, you can access information about the assets and their corresponding certificates assigned to you, based on scope. For more information on tag-based user scoping refer to Certificate View Online help.
If you need to fetch certificate search results that exceed 10000 certificates, you can use this v2 version of List CertView Certificate API. The response contains certificate details, including associated host information and SSL/TLS related vulnerabilities and grades.
We have introduced many improvements to enhance the visibility, accuracy, and usability of certificate and cipher suite data in the API responses.
Input ParametersInput Parameters
|
Parameter |
Mandatory/Optional |
Data Type |
Description |
|---|---|---|---|
|
filter |
Optional |
String |
Filter the events list by providing a query using Qualys syntax. If you do not provide filter parameter, it shows details of all the certificates. For the list of tokens you can use to build the query refer to Search tokens and supported format. |
|
pageNumber |
Optional |
Integer |
The page to be returned. The default value is zero. |
|
pageSize |
Optional |
Integer |
Provide the number of records per page to be included in the response. Default: 10 Maximum: 200 For example, the total result set is 50 assets. If the page size is specified as 10, then the result is divided in 5 pages with 10 assets each. |
|
includes |
Optional |
String |
Includes the specified parameters in the response For example- ASSET_INTERFACES, VULNERABILITIES, SSL_PROTOCOLS, CIPHER_SUITES, ASSET_TAGS, EXTENSIVE_CERTIFICATE_INFO |
|
excludeFields |
Optional |
String |
Exclude the specified parameters from the response.
Note: You can exclude multiple fields in the same query by using comma-separated field names. For more details, refer to the the Compatible tokens, date formats and supported operators |
|
Authorization |
Mandatory |
String |
Authorization token to authenticate to the Qualys Cloud Platform. Prepend token with "Bearer" and one space. For example - Bearer authToken |
Notes: While creating your query, ensure the following:
-
Value field can not be empty when the comparison operator is other than IS_EMPTY and IS_NOT_EMPTY
-
There can not be more than 1000 values provided (in csv format) when operator is IN
-
CONTAINS operator does not work with field of type Date, Boolean and IP Address
-
GREATER, LESSER , GREATER_THAN_EQUAL and LESS_THAN_EQUAL do not work with Boolean, string and IP address.
Sample: Response to include revocation informationSample: Response to include revocation information
API Request
curl -X 'POST'
'<qualys_base_url>/certview/v2.2/certificates'
-H 'accept: application/json'
-H 'Authorization: Bearer <JWT Token>
-H 'Content-Type: application/json'
-d' {
"filter": {
"filters": [
{
"field": "string",
"value": "string",
"operator": "CONTAINS"
}
]
},
"pageNumber": 0,
"pageSize": 10,
"includes": [
"CERT_REVOCATION_INFO"
],
"assetType": "MANAGED"
}'
Response
[
{
"id": 3942381,
"certhash": "00000c4a8d1dd38010d13d5dd589121bfc79da417bcffef89b77b22e86cff063",
"keySize": 2048,
"serialNumber": "06364520be0e7788696dba804398499c",
"validToDate": "2025-12-19T23:59:59.000+00:00",
"validTo": 1766188799000,
"validFromDate": "2024-12-20T00:00:00.000+00:00",
"validFrom": 1734652800000,
"signatureAlgorithm": "SHA256withRSA",
"extendedValidation": false,
"createdDate": "2025-06-25T10:38:06.000+00:00",
"dn": "CN=remote.hdfc.com, O=Hdfc Bank Limited, L=Mumbai, ST=Maharashtra, C=IN",
"subject": {
"organization": "Hdfc Bank Limited",
"locality": "Mumbai",
"name": "remote.hdfc.com",
"state": "Maharashtra",
"country": "IN",
"organizationUnit": []
},
"updateDate": "2025-06-25T10:38:06.000+00:00",
"lastFound": 1750847886000,
"imported": true,
"selfSigned": false,
"issuer": {
"organization": "DigiCert Inc",
"organizationUnit": [
"www.digicert.com"
],
"name": "GeoTrust TLS RSA CA G1",
"country": "US",
"state": "",
"certhash": "c06e307f7cfc1d32fa72a4c033c87b90019af216f0775d64978a2eca6c8a230e",
"locality": ""
},
"rootissuer": {
"organization": "DigiCert Inc",
"organizationUnit": [
"www.digicert.com"
],
"name": "DigiCert Global Root CA",
"country": "US",
"state": "",
"certhash": "4348a0e9444c78cb265e058d5e8944b4d84f9662bd26db257f8934a443c70161",
"locality": ""
},
"instanceCount": 0,
"assetCount": 0,
"type": "Leaf",
"publicKeyAlgorithm": "RSA",
"revocationStatus": "Revoked",
"revocationDetails": {
"ocspUris": [
"http://status.geotrust.com"
],
"crlUris": [
"http://cdp.geotrust.com/GeoTrustTLSRSACAG1.crl"
]
}
}
]
Sample: Response to include details of asset information (created and updated)Sample: Response to include details of asset information (created and updated)
API Request
curl -X 'POST'
'<qualys_base_url>/certview/v2.2/certificates'
-H 'accept: application/json'
-H 'Authorization: Bearer <JWT Token>
-H 'Content-Type: application/json'
-d' {
"filter":{
"filters":[
{
"field":"certificate.id",
"value":"3498985",
"operator":"EQUALS"
},
{
"*""field":"asset.createDate",
"*""value":"2025-06-12",
"operator":"GREATER_THAN_EQUAL"
}
],
"operation":"AND"
},
"pageNumber":0,
"pageSize":10,
"includes":[
"ASSET_INTERFACES"
],
"assetType":"MANAGED"
}
Response
{
"filter":{
"filters":[
{
"field":"certificate.id",
"value":"3498985",
"operator":"EQUALS"
},
{
"*""field":"asset.createDate",
"*""value":"2025-06-12",
"operator":"GREATER_THAN_EQUAL"
}
],
"operation":"AND"
},
"pageNumber":0,
"pageSize":10,
"includes":[
"ASSET_INTERFACES"
],
"assetType":"MANAGED"
}"Response":[
{
"id":3498985,
"certhash":"6dca79243d2c31796050ebcfa6bc251f28f1805dd6528149d55e6ced047a6c47",
"keySize":2048,
"serialNumber":"01434c80ea24163a54663a1a7c729492",
"validToDate":"2025-09-03T23:59:59.000+00:00",
"validTo":1756943999000,
"validFromDate":"2024-09-04T00:00:00.000+00:00",
"validFrom":1725408000000,
"signatureAlgorithm":"SHA256withRSA",
"extendedValidation":false,
"createdDate":"2025-04-01T09:43:29.000+00:00",
"dn":"CN=example.qualys.com, O=\"Qualys, Inc.\", L=Foster City, ST=California, C=US",
"subject":{
"organization":"Qualys, Inc.",
"locality":"Foster City",
"name":"example.qualys.com",
"state":"California",
"country":"US",
"organizationUnit":[
]
},
"updateDate":"2025-06-17T04:52:48.000+00:00",
"lastFound":1750135968000,
"imported":true,
"selfSigned":false,
"issuer":{
"organization":"DigiCert Inc",
"organizationUnit":[
],
"name":"DigiCert Global G2 TLS RSA SHA256 2020 CA1",
"country":"US",
"state":"",
"certhash":"c8025f9fc65fdfc95b3ca8cc7867b9a587b5277973957917463fc813d0b625a9",
"locality":""
},
"rootissuer":{
"organization":"DigiCert Inc",
"organizationUnit":[
"www.digicert.com"
],
"name":"DigiCert Global Root G2",
"country":"US",
"state":"",
"certhash":"cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f",
"locality":""
},
"issuerCategory":"DigiCert Global G2 TLS RSA SHA256 2020 CA1",
"instanceCount":1,
"assetCount":1,
"sources":[
"VM"
],
"type":"Leaf",
"publicKeyAlgorithm":"RSA",
"revocationStatus":"Not Revoked",
"assets":[
{
"id":65139652,
"uuid":"da1f6aaa-f921-423d-82c8-34614debf1ed",
"netbiosName":"",
"name":"example.qualys.com",
"operatingSystem":"Debian Project Debian Bookworm (12)",
"hostInstances":[
{
"id":30880262,
"port":443,
"fqdn":"",
"protocol":"tcp",
"service":"https",
"grade":"A+"
}
],
"assetInterfaces":[
{
"hostname":"example.qualys.com",
"address":"10.xx.xx.xx"
}
],
"primaryIp":"10.xx.xx.xx",
"created":"2025-06-12T07:08:37.000+00:00""*",
"updated":"2025-06-17T05:15:57.000+00:00"
}
]
}
]
Sample: Response to include Cipher Suites informationSample: Response to include Cipher Suites information
API Request
curl -X 'POST'
'<qualys_base_url>/certview/v2.2/certificates'
-H 'accept: application/json'
-H 'Authorization: Bearer <JWT Token>
-H 'Content-Type: application/json'
-d' {
"filter": {
"filters": [
{
"field": "cipherSuite.category",
"value": "INSECURE",
"operator": "EQUALS"
}
],
"operation": "AND"
},
"pageNumber": 0,
"pageSize": 1,
"includes": [
"CIPHER_SUITES"
],
"assetType": "MANAGED"
}'
[
{
"id": 5021,
"certhash": "a3ac53581e043271878a12124c36660a443321e5a68418c3bc56dab9b1a4d674",
"keySize": 2048,
"serialNumber": "11",
"validToDate": "2031-11-10T00:00:00.000+00:00",
"validTo": 1952035200000,
"validFromDate": "2006-11-10T00:00:00.000+00:00",
"validFrom": 1163116800000,
"signatureAlgorithm": "SHA1withRSA",
"extendedValidation": false,
"createdDate": "2018-11-09T07:12:23.000+00:00",
"dn": "CN=DigiCert Test Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US",
"subject": {
"organization": "DigiCert Inc",
"locality": "",
"name": "DigiCert Test Root CA",
"state": "",
"country": "US",
"organizationUnit": [
"www.digicert.com"
]
},
"updateDate": "2025-07-03T08:23:07.000+00:00",
"lastFound": 1751530987000,
"imported": true,
"selfSigned": true,
"issuer": {
"organization": "DigiCert Inc",
"organizationUnit": [
"www.digicert.com"
],
"name": "DigiCert Test Root CA",
"country": "US",
"state": "",
"certhash": "",
"locality": ""
},
"issuerCategory": "Self-Signed",
"instanceCount": 1,
"assetCount": 1,
"sources": [
"VM"
],
"type": "Root",
"publicKeyAlgorithm": "",
"revocationStatus": "Not Available",
"assets": [
{
"id": 33336679,
"uuid": "50c3eeaa-9136-42c0-a6c7-dd80dd6a55c2",
"netbiosName": "",
"name": "10.115.78.176",
"operatingSystem": "EulerOS / Ubuntu / Fedora / Tiny Core Linux / Linux 3.x / IBM / FortiSOAR / F5 Networks Big-IP",
"hostInstances": [
{
"id": 29581434,
"port": 443,
"fqdn": "",
"protocol": "tcp",
"service": "https",
"grade": "T",
"cipherSuites": [
{
"name": "AES128-SHA",
"category": "INSECURE"
},
{
"name": "ECDHE-RSA-AES128-GCM-SHA256",
"category": "GOOD"
},
{
"name": "CAMELLIA128-SHA",
"category": "INSECURE"
},
{
"name": "ECDHE-RSA-AES128-SHA256",
"category": "INSECURE"
},
{
"name": "ECDHE-RSA-AES256-GCM-SHA384",
"category": "GOOD"
},
{
"name": "DES-CBC3-SHA",
"category": "INSECURE"
},
{
"name": "AES128-GCM-SHA256",
"category": "GOOD"
},
{
"name": "CAMELLIA256-SHA",
"category": "INSECURE"
},
{
"name": "ECDHE-RSA-DES-CBC3-SHA",
"category": "INSECURE"
},
{
"name": "ECDHE-RSA-AES256-SHA384",
"category": "INSECURE"
},
{
"name": "AES256-SHA",
"category": "INSECURE"
},
{
"name": "ECDHE-RSA-AES256-SHA",
"category": "INSECURE"
},
{
"name": "AES128-SHA256",
"category": "INSECURE"
},
{
"name": "AES256-GCM-SHA384",
"category": "GOOD"
},
{
"name": "AES256-SHA256",
"category": "INSECURE"
},
{
"name": "ECDHE-RSA-AES128-SHA",
"category": "INSECURE"
},
{
"name": "CAMELLIA256-SHA256"
},
{
"name": "AES256-CCM-8",
"category": "GOOD"
},
{
"name": "ECDHE-RSA-CAMELLIA256-SHA384",
"category": "INSECURE"
},
{
"name": "AES128-CCM-8",
"category": "GOOD"
},
{
"name": "ECDHE-RSA-CAMELLIA128-SHA256",
"category": "INSECURE"
},
{
"name": "AES128-CCM",
"category": "GOOD"
},
{
"name": "CAMELLIA128-SHA256",
"category": "INSECURE"
},
{
"name": "AES256-CCM",
"category": "GOOD"
}
]
}
],
"primaryIp": "10.115.78.176",
"created": "2023-09-15T12:30:17.000+00:00",
"updated": "2025-05-17T03:41:23.000+00:00"
}
]
}
]
API Request
curl -X 'POST'
'<qualys_base_url>/certview/v2.2/certificates'
-H 'accept: application/json'
-H 'Authorization: Bearer <JWT Token>
-H 'Content-Type: application/json'
-d'{
"filter": {
"filters": [
{ "field": "asset.tagName", "value": "Shodan", "operator": "NOT_EQUALS" }
,
{ "field": "certificate.serialNumber", "value": "00d193aa9a645420da", "operator": "EQUALS" }
],
"operation": "AND"
},
"pageNumber": 0,
"pageSize": 10,
"includes": [
"ASSET_INTERFACES"
],
"assetType": "MANAGED"
}'
Response
[
{
"id":8366,
"certhash":"13a8cc24ef5f994ea86e190a98d36b435966d43e8001523b63f0c439091b8aa0",
"keySize":1024,
"serialNumber":"00d193aa9a645420da",
"validToDate":"2019-06-27T12:56:00.000+00:00",
"validTo":1561640160000,
"validFromDate":"2018-12-09T12:56:00.000+00:00",
"validFrom":1544360160000,
"signatureAlgorithm":"SHA256withRSA",
"extendedValidation":false,
"createdDate":"2019-03-01T06:55:33.000+00:00",
"dn":"CN=certificate-view.qualys-test.com, O=Qualys-Test, L=Foster City, ST=California, C=US",
"subject":{
"organization":"Qualys-Test",
"locality":"Foster City",
"name":"certificate-view.qualys-test.com",
"state":"California",
"country":"US",
"organizationUnit":[
]
},
"updateDate":"2019-03-01T06:55:33.000+00:00",
"lastFound":1551423333000,
"imported":true,
"selfSigned":true,
"issuer":{
"organization":"Qualys-Test",
"organizationUnit":[
],
"name":"certificate-view.qualys-test.com",
"country":"US",
"state":"California",
"certhash":"",
"locality":"Foster City"
},
"issuerCategory":"Self-Signed",
"orderStatus":"Rejected",
"instanceCount":0,
"assetCount":0,
"type":"Leaf",
"publicKeyAlgorithm":"",
"revocationStatus":"Scan Pending"
}
]
Use this API to retrieve PQC-supported certificates. You can use various filters to search the required result. You can use multiple filters and parameters. We have updated the limit for fetching the certificates.
You can see only those assets that have been assigned by your manager user. When you send an API request, you can access information about the assets and their corresponding certificates assigned to you, based on scope. For more information on tag-based user scoping refer to Certificate View Online help.
If you need to fetch certificate search results that exceed 10000 certificates, you can use this v2 version of List CertView Certificate API. The response contains certificate details, including associated host information and SSL/TLS related vulnerabilities and grades.
We have introduced the instance.pqcSupport filter along with the field PQC-supported algorithms that allows filtering certificates based on PQC support status (true or false). The field PQC_SUPPORTED_ALGORITHMS
Input ParameterInput Parameter
|
Parameter |
Mandatory/Optional |
Data Type |
Description |
|---|---|---|---|
|
filter |
Optional |
String |
Filter the events list by providing a query using Qualys syntax. If you do not provide filter parameter, it shows details of all the certificates. For the list of tokens you can use to build the query refer to Search tokens and supported format. |
|
pageNumber |
Optional |
Integer |
The page to be returned. The default value is zero. |
|
pageSize |
Optional |
Integer |
Provide the number of records per page to be included in the response. Default: 10 Maximum: 200 For example, the total result set is 50 assets. If the page size is specified as 10, then the result is divided in 5 pages with 10 assets each. |
|
includes |
Optional |
String |
Includes the specified parameters in the response For example- ASSET_INTERFACES, VULNERABILITIES, SSL_PROTOCOLS, CIPHER_SUITES, ASSET_TAGS, EXTENSIVE_CERTIFICATE_INFO |
|
excludeFields |
Optional |
String |
Exclude the specified parameters from the response.
Note: You can exclude multiple fields in the same query by using comma-separated field names. For more details, refer to the the Compatible tokens, date formats and supported operators |
|
Authorization |
Mandatory |
String |
Authorization token to authenticate to the Qualys Cloud Platform. Prepend token with "Bearer" and one space. For example - Bearer authToken |
Notes: While creating your query, ensure the following:
-
Value field can not be empty when the comparison operator is other than IS_EMPTY and IS_NOT_EMPTY
-
There can not be more than 1000 values provided (in csv format) when operator is IN
-
CONTAINS operator does not work with field of type Date, Boolean and IP Address
-
GREATER, LESSER , GREATER_THAN_EQUAL and LESS_THAN_EQUAL do not work with Boolean, string and IP address.
Sample 1: Response to get details of certificates based on PQC support Sample 1: Response to get details of certificates based on PQC support
API Request
curl -X 'POST'
'<qualys_base_url>/certview/v2.3/certificates'
-H 'accept: application/json'
-H 'Authorization: Bearer <JWT Token>
-H 'Content-Type: application/json'
-d '{
"filter": {
"filters": [
{
"field": "instance.pqcSupport",
"value": "true",
"operator": "EQUALS"
}
],
"operation": "AND"
},
"pageNumber": 0,
"pageSize": 10,
"includes": [
"ASSET_INTERFACES",
"PQC_SUPPORTED_ALGORITHMS"
],
"excludeFields": "",
"assetType": "MANAGED"
}'
Response
[
{
"id": 1168737,
"certhash": "5f9aeccxxxxxxxxxxxxxxxxxxxxf6dd320c8ca5a0ceb7f09c985ebf0696934fc",
"keySize": 4096,
"serialNumber": "21e5b9a0cc956de278ca012ba8fdc58a98b3fbea",
"validToDate": "2040-10-14T13:35:12.000+00:00",
"validTo": 2233834512000,
"validFromDate": "2020-10-14T13:35:12.000+00:00",
"validFrom": 1602682512000,
"signatureAlgorithm": "SHA384withRSA",
"extendedValidation": false,
"createdDate": "2024-06-25T08:35:37.000+00:00",
"dn": "CN=certificate-view.qualys-test, OU=FPKI, O=U.S. Government, C=US",
"subject": {
"organization": "certificate-view.qualys-test",
"locality": "",
"name": "certificate-view.qualys-test.com",
"state": "",
"country": "US",
"organizationUnit": []
},
"updateDate": "2024-11-19T04:01:14.000+00:00",
"lastFound": 1731988874000,
"imported": true,
"selfSigned": true,
"issuer": {
"organization": "certificate-view.qualys-test",
"organizationUnit": [],
"name": "certificate-view.qualys-test.com",
"country": "US",
"state": "",
"certhash": "",
"locality": ""
},
"issuerCategory": "Self-Signed",
"instanceCount": 1,
"assetCount": 1,
"sources": [
"VM"
],
"type": "Root",
"publicKeyAlgorithm": "",
"revocationStatus": "Not Available",
"assets": [
{
"id": 70412578,
"uuid": "abc6d649-ac28-4243-ab8b-131a5955024e",
"netbiosName": "VP0PMEMCASPTRS8",
"name": "certificate-view.qualys-test.com",
Sample 2: Response when the PQC-supported algorithm is not included in API RequestSample 2: Response when the PQC-supported algorithm is not included in API Request
API Request
curl -X 'POST'
'<qualys_base_url>/certview/v2.3/certificates'
-H 'accept: application/json'
-H 'Authorization: Bearer <JWT Token>
-H 'Content-Type: application/json'
-d '{
"filter": {
"filters": [
{
"field": "instance.pqcSupport",
"value": "true",
"operator": "EQUALS"
}
],
"operation": "AND"
},
"pageNumber": 0,
"pageSize": 10,
"includes": [
"ASSET_INTERFACES",
],
"excludeFields": "",
"assetType": "MANAGED"
}
Response
[
{
"id": 4347312,
"certhash": "76exxxxxxxxxxxxxxxxxxxxbf946aad997d5c1c901b3ce513d3d8fadbabe2ab85",
"keySize": 384,
"serialNumber": "00b0573e9173972770dbb487cb3a452b38",
"validToDate": "2027-03-12T23:59:59.000+00:00",
"validTo": 1804895999000,
"validFromDate": "2024-03-13T00:00:00.000+00:00",
"validFrom": 1710288000000,
"signatureAlgorithm": "SHA256withRSA",
"extendedValidation": false,
"createdDate": "2025-09-10T06:39:51.000+00:00",
"dn": "CN=certificate-view.qualys-test.com, O=certificate-view.qualys-test, C=US",
"subject": {
"organization": "certificate-view.qualys-test",
"locality": "",
"name": "certificate-view.qualys-test.com",
"state": "",
"country": "US",
"organizationUnit": []
},
"updateDate": "2025-10-08T09:53:34.000+00:00",
"lastFound": 1759917214000,
"imported": false,
"selfSigned": false,
"issuer": {
"organization": "certificate-view.qualys-test",
"organizationUnit": [],
"name": "certificate-view.qualys-test.com",
"country": "US",
"state": "",
"certhash": "96bcecxxxxxxxxxxxxxxxxxxxx28c5a7cfe8a3c0aae11a8ffcee05c0bddf08c6",
"locality": ""
},
"rootissuer": {
"organization": "Internet Security Research Group",
"organizationUnit": [],
"name": "certificate-view.qualys-test.com",
"country": "US",
"state": "",
"certhash": "96bcecxxxxxxxxxxxxxxxxxxxx28c5a7cfe8a3c0aae11a8ffcee05c0bddf08c6",
"locality": ""
},
"issuerCategory": "unapproved",
"instanceCount": 1,
"assetCount": 1,
"sources": [
"VM"
],
"type": "Intermediate",
"publicKeyAlgorithm": "EC",
"revocationStatus": "Not Revoked",
"assets": [
{
"id": 77714122,
"uuid": "b2220f0a-4b01-436d-b183-96228153bbd2",
"netbiosName": "",
Sample 3: Response when the PQC-supported algorithm is included in API RequestSample 3: Response when the PQC-supported algorithm is included in API Request
API Request
curl -X 'POST'
'<qualys_base_url>/certview/v2.3/certificates'
-H 'accept: application/json'
-H 'Authorization: Bearer <JWT Token>
-H 'Content-Type: application/json'
-d '{
"filter": {
"filters": [
{
"field": "instance.pqcSupport",
"value": "true",
"operator": "EQUALS"
}
],
"operation": "AND"
},
"pageNumber": 0,
"pageSize": 10,
"includes": [
"PQC_SUPPORTED_ALGORITHMS",
],
"excludeFields": "",
"assetType": "MANAGED"
}
Response
[
{
"id": 4347312,
"certhash": "76e9exxxxxxxxxxxxxxxxxxxx946aad997d5c1c901b3ce513d3d8fadbabe2ab85",
"keySize": 384,
"serialNumber": "00b0573e9173972770dbb487cb3a452b38",
"validToDate": "2027-03-12T23:59:59.000+00:00",
"validTo": 1804895999000,
"validFromDate": "2024-03-13T00:00:00.000+00:00",
"validFrom": 1710288000000,
"signatureAlgorithm": "SHA256withRSA",
"extendedValidation": false,
"createdDate": "2025-09-10T06:39:51.000+00:00",
"dn": "CN=certificate-view.qualys-test.com, O=certificate-view.qualys-test, C=US",
"subject": {
"organization": "certificate-view.qualys-test",
"locality": "",
"name": "certificate-view.qualys-test.com",
"state": "",
"country": "US",
"organizationUnit": []
},
"updateDate": "2025-10-08T09:53:34.000+00:00",
"lastFound": 1759917214000,
"imported": false,
"selfSigned": false,
"issuer": {
"organization": "Internet Security Research Group",
"organizationUnit": [],
"name": "certificate-view.qualys-test.com",
"country": "US",
"state": "",
"certhash": "96bcecxxxxxxxxxxxxxxxxxxxx28c5a7cfe8a3c0aae11a8ffcee05c0bddf08c6",
"locality": ""
},
"rootissuer": {
"organization": "Internet Security Research Group",
"organizationUnit": [],
"name": "certificate-view.qualys-test.com",
"country": "US",
"state": "",
"certhash": "96bcecxxxxxxxxxxxxxxxxxxxx28c5a7cfe8a3c0aae11a8ffcee05c0bddf08c6",
"locality": ""
},
"issuerCategory": "unapproved",
"instanceCount": 1,
"assetCount": 1,
"sources": [
"VM"
],
"type": "Intermediate",
"publicKeyAlgorithm": "EC",
"revocationStatus": "Not Revoked",
"assets": [
{
"id": 77714122,
"uuid": "b2220f0a-4b01-436d-b183-96228153bbd2",
"netbiosName": "",
"name": "certificate-view.qualys-test.com",
"operatingSystem": "SUSE Linux Enterprise Server 15 SP3",
"primaryIp": "xxx.xxx.xxx.xxx",
"created": "2025-09-25T10:45:13.000+00:00",
"updated": "2025-10-08T09:59:39.000+00:00",
"hostInstances": [
{
"id": 36509521,
"port": 443,
"fqdn": "",
"protocol": "tcp",
"service": "https",
"grade": "A-",
"pqcSupport": true,
"pqcSupportedAlgorithms": [
"MLKEM512"
]
}
]
}
]
}
API Version History
The following table depicts the information about the different versions of this API, along with the status:
| API version | Status | EOS | EOL |
|---|---|---|---|
| /certview/v2.3/certificates | Active | ||
| /certview/v2.2/certificates | Active | ||
| /certview/v2.1/certificates | To be deprecated | January 2026 | July 2026 |
| /certview/v2/certificates | To be deprecated | January 2026 | July 2026 |