List CertView Certificates (v2)
For information on API version, refer to the API Version History section.
v2
Use this API to retrieve certificates. You can use various filters to search for the required result. You can use multiple filters and parameters. You can retrieve any number of certificates, as the v2 version of List CertView Certificate API has no fixed limit for fetching certificates.
You can see only those assets that have been assigned by your manager user. When you send an API request, you can access information about the assets and their corresponding certificates assigned to you, based on scope. For more information on tag-based user scoping refer to Certificate View Online help.
In the v1 version of the List CertView Certificate API, a maximum of 10000 certificates was allowed. If you need to fetch certificate search results that exceed 10000 certificates, you can use this v2 version of the List CertView Certificate API. The response contains certificate details, including associated host information and SSL/TLS related vulnerabilities and grades.
Input ParametersInput Parameters
|
Parameter |
Mandatory/Optional |
Data Type |
Description |
|---|---|---|---|
|
filter |
Optional |
String |
Filter the events list by providing a query using Qualys syntax. If you do not provide filter parameter, it shows details of all the certificates. For the list of tokens you can use to build the query refer to Search tokens and supported format. |
|
pageNumber |
Optional |
Integer |
The page to be returned. The default value is zero. |
|
pageSize |
Optional |
Integer |
Provide the number of records per page to be included in the response. Default: 10 Maximum: 200 For example, the total result set is 50 assets. If the page size is specified as 10, then the result is divided in 5 pages with 10 assets each. |
|
includes |
Optional |
String |
Includes the specified parameters in the response For more details regarding the supported API versions and sample field values for the includes parameter, refer to the Include Parameter Reference. |
|
excludeFields |
Optional |
String |
Exclude the specified parameters from the response.
Note: You can exclude multiple fields in the same query by using comma-separated field names. For more details, refer to the Compatible tokens, date formats and supported operators |
|
Authorization |
Mandatory |
String |
Authorization token to authenticate to the Qualys Cloud Platform. Prepend token with "Bearer" and one space. For example - Bearer authToken |
Notes: While creating your query, ensure the following:
-
The value field can not be empty when the comparison operator is other than IS_EMPTY and IS_NOT_EMPTY
-
There can not be more than 1000 values provided (in csv format) when operator is IN
-
CONTAINS operator does not work with field of type Date, Boolean and IP Address
-
GREATER, LESSER , GREATER_THAN_EQUAL and LESS_THAN_EQUAL do not work with Boolean, string and IP address.
Sample: Response without any Include filtersSample: Response without any Include filters
API Request
curl -X 'POST' \
'<qualys_base_url>/certview/v2/certificates' \
-H 'accept: application/json' \
-H 'Authorization: Bearer <JWT Token>' \
-H 'Content-Type: application/json' \
-d '{
"filter": {
"filters": [
{
"field": "certificate.serialNumber",
"value": "061d501a758700b72120a2e8c74a51cd667f",
"operator": "EQUALS"
}
],
"operation": "AND"
},
"pageNumber": 0,
"pageSize": 10,
"assetType": "MANAGED"
}
Response
[
{
"id": 4468683,
"certhash": "axxxxxxxxxxxxxxxed994fdabf1f59a7570615e1ca2d26b6e4657e6b5a01b93c",
"keySize": 256,
"serialNumber": "061d501a758700b72120a2e8c74a51cd667f",
"validToDate": "2026-02-07T15:37:51.000+00:00",
"validTo": 1770478671000,
"validFromDate": "2025-11-09T15:37:52.000+00:00",
"validFrom": 1762702672000,
"signatureAlgorithm": "SHA384withECDSA",
"extendedValidation": false,
"createdDate": "2025-11-10T08:36:15.000+00:00",
"dn": "CN=www.qualys.com",
"subject": {
"organization": "",
"locality": "",
"name": "www.qualys.com",
"state": "",
"country": "",
"organizationUnit": []
},
"updateDate": "2026-01-06T04:49:03.000+00:00",
"lastFound": 1767674943000,
"imported": false,
"selfSigned": false,
"issuer": {
"organization": "Let's Encrypt",
"organizationUnit": [],
"name": "www.qualys.com",
"country": "US",
"state": "",
"certhash": "8xxxxxxxxxxxxxxx23c18a67cb7a9c0519da43d11775b4c6cbdad45c3d997c52",
"locality": ""
},
"rootissuer": {
"organization": "Internet Security Research Group",
"organizationUnit": [],
"name": "www.qualys.com",
"country": "US",
"state": "",
"certhash": "9xxxxxxxxxxxxxxx7460779acf28c5a7cfe8a3c0aae11a8ffcee05c0bddf08c6",
"locality": ""
},
"issuerCategory": "unapproved",
"instanceCount": 1,
"assetCount": 1,
"sources": [
"VM"
],
"type": "Leaf",
"publicKeyAlgorithm": "EC",
"revocationStatus": "Unknown",
"assets": [
{
"id": 77714122,
"uuid": "b2220f0a-4b01-436d-b183-96228153bbd2",
"netbiosName": "",
"name": "www.qualys.comm",
"operatingSystem": "SUSE Linux Enterprise Server 15 SP3",
"primaryIp": "xxx.xxx.xxx.xxx",
"created": "2025-09-25T10:45:13.000+00:00",
"updated": "2026-01-06T04:56:07.000+00:00",
"hostInstances": [
{
"id": 37893768,
"port": 443,
"fqdn": "",
"protocol": "tcp",
"service": "https",
"grade": "A",
"pqcSupport": true
}
]
}
]
}
]
Sample: Response to include Asset InterfacesSample: Response to include Asset Interfaces
API Request
curl -X 'POST' \
'<qualys_base_url>/certview/v2/certificates' \
-H 'accept: application/json' \
-H 'Authorization: Bearer <JWT Token>' \
-H 'Content-Type: application/json' \
-d '{
"filter": {
"filters": [
{
"field": "asset.primaryIp",
"value": "158.177.245.197",
"operator": "EQUALS"
}
],
"operation": "AND"
},
"pageNumber": 0,
"pageSize": 10,
"includes": [
"ASSET_INTERFACES"
],
"assetType": "MANAGED"
}
Response
[
{
"id": 4468683,
"certhash": "a2cxxxxxxxxxxxx2ed994fdabf1f59a7570615e1ca2d26b6e4657e6b5a01b93c",
"keySize": 256,
"serialNumber": "061d501a758700b72120a2e8c74a51cd667f",
"validToDate": "2026-02-07T15:37:51.000+00:00",
"validTo": 1770478671000,
"validFromDate": "2025-11-09T15:37:52.000+00:00",
"validFrom": 1762702672000,
"signatureAlgorithm": "SHA384withECDSA",
"extendedValidation": false,
"createdDate": "2025-11-10T08:36:15.000+00:00",
"dn": "www.qualys.com",
"subject": {
"organization": "",
"locality": "",
"name": "www.qualys.com",
"state": "",
"country": "",
"organizationUnit": []
},
"updateDate": "2026-01-06T04:49:03.000+00:00",
"lastFound": 1767674943000,
"imported": false,
"selfSigned": false,
"issuer": {
"organization": "Let's Encrypt",
"organizationUnit": [],
"name": "www.qualys.com",
"country": "US",
"state": "",
"certhash": "83624fd338c8d9b023c18a67cb7a9c0519da43d11775b4c6cbdad45c3d997c52",
"locality": ""
},
"rootissuer": {
"organization": "Internet Security Research Group",
"organizationUnit": [],
"name": "www.qualys.com",
"country": "US",
"state": "",
"certhash": "96bcec06264976f37460779acf28c5a7cfe8a3c0aae11a8ffcee05c0bddf08c6",
"locality": ""
},
"issuerCategory": "unapproved",
"instanceCount": 1,
"assetCount": 1,
"sources": [
"VM"
],
"type": "Leaf",
"publicKeyAlgorithm": "EC",
"revocationStatus": "Unknown",
"assets": [
{
"id": 77714122,
"uuid": "b2220f0a-4b01-436d-b183-96228153bbd2",
"netbiosName": "",
"name": "www.qualys.com",
"operatingSystem": "SUSE Linux Enterprise Server 15 SP3",
"assetInterfaces": [
{
"hostname": "qualys.com",
"address": "xxx.xxx.xxx.xxx"
}
],
"primaryIp": "xxx.xxx.xxx.xxx",
"created": "2025-09-25T10:45:13.000+00:00",
"updated": "2026-01-06T04:56:07.000+00:00",
"hostInstances": [
{
"id": 37893768,
"port": 443,
"fqdn": "",
"protocol": "tcp",
"service": "https",
"grade": "A",
"pqcSupport": true
}
]
}
]
}
]
Sample: Response to include VulnerabilitiesSample: Response to include Vulnerabilities
API Request
curl -X 'POST' \
'<qualys_base_url>/certview/v2/certificates' \
-H 'accept: application/json' \
-H 'Authorization: Bearer <JWT Token>' \
-H 'Content-Type: application/json' \
-d '{
"filter": {
"filters": [
{
"field": "certificate.serialNumber",
"value": "061d501a758700b72120a2e8c74a51cd667f",
"operator": "EQUALS"
},
{
"field": "instance.qid",
"value": "86002",
"operator": "EQUALS"
}
],
"operation": "AND"
},
"pageNumber": 0,
"pageSize": 10,
"includes": [
"VULNERABILITIES"
],
"assetType": "MANAGED"
}
Response
[
[
{
"id": 44xxx83,
"certhash": "a2c751f5539b7b72ed994fdabf1f59a7570615e1ca2d26b6e4657e6b5a01b93c",
"keySize": 256,
"serialNumber": "061d501a758700b72120a2e8c74a51cd667f",
"validToDate": "2026-02-07T15:37:51.000+00:00",
"validTo": 1770478671000,
"validFromDate": "2025-11-09T15:37:52.000+00:00",
"validFrom": 1762702672000,
"signatureAlgorithm": "SHA384withECDSA",
"extendedValidation": false,
"createdDate": "2025-11-10T08:36:15.000+00:00",
"dn": "CN=www.qualys.com",
"subject": {
"organization": "",
"locality": "",
"name": "www.qualys.com",
"state": "",
"country": "",
"organizationUnit": []
},
"updateDate": "2026-01-06T04:49:03.000+00:00",
"lastFound": 1767674943000,
"imported": false,
"selfSigned": false,
"issuer": {
"organization": "Let's Encrypt",
"organizationUnit": [],
"name": "www.qualys.com",
"country": "US",
"state": "",
"certhash": "83624fd338c8d9b023c18a67cb7a9c0519da43d11775b4c6cbdad45c3d997c52",
"locality": ""
},
"rootissuer": {
"organization": "Internet Security Research Group",
"organizationUnit": [],
"name": "www.qualys.com",
"country": "US",
"state": "",
"certhash": "96bcec06264976f37460779acf28c5a7cfe8a3c0aae11a8ffcee05c0bddf08c6",
"locality": ""
},
"issuerCategory": "unapproved",
"instanceCount": 1,
"assetCount": 1,
"sources": [
"VM"
],
"type": "Leaf",
"publicKeyAlgorithm": "EC",
"revocationStatus": "Unknown",
"assets": [
{
"id": 77714122,
"uuid": "b2220f0a-4b01-436d-b183-96228153bbd2",
"netbiosName": "",
"name": "www.qualys.com",
"operatingSystem": "SUSE Linux Enterprise Server 15 SP3",
"primaryIp": "xxx.xxx.xxx.xxx",
"created": "2025-09-25T10:45:13.000+00:00",
"updated": "2026-01-06T04:56:07.000+00:00",
"hostInstances": [
{
"id": 37xxx768,
"port": 443,
"fqdn": "",
"protocol": "tcp",
"service": "https",
"grade": "A",
"vulnerabilities": [
{
"title": "SSL Server Information Retrieval",
"severity": 1,
"qid": 38116
},
{
"title": "Secure Sockets Layer/Transport Layer Security (SSL/TLS) Invalid Protocol Version Tolerance",
"severity": 1,
"qid": 38597
},
{
"title": "SSL Certificate will expire within next six months",
"severity": 1,
"qid": 38600
},
{
"title": "Secure Sockets Layer/Transport Layer Security (SSL/TLS) Key Exchange Methods",
"severity": 1,
"qid": 38704
},
{
"title": "Secure Sockets Layer/Transport Layer Security (SSL/TLS) Protocol Properties",
"severity": 1,
"qid": 38706
},
{
"title": "Secure Sockets Layer (SSL) Certificate Transparency Information",
"severity": 1,
"qid": 38718
},
{
"title": "Reports if server supports Post Quantum Cryptographic(PQC) Key Exchange Algorithm",
"severity": 1,
"qid": 38994
},
{
"title": "Reports Signature Algorithm used in Post Quantum Cryptographic(PQC) detection using QID 38994",
"severity": 1,
"qid": 38995
},
{
"title": "TLS Secure Renegotiation Extension Support Information",
"severity": 1,
"qid": 42350
},
{
"title": "SSL Certificate - Information",
"severity": 1,
"qid": 86002
},
{
"title": "HTTP Strict Transport Security (HSTS) Support Detected",
"severity": 1,
"qid": 86137
}
],
"vulnCount": 11,
"pqcSupport": true
}
]
}
]
}
]
Sample: Response to include SSL ProtocolsSample: Response to include SSL Protocols
API Request
curl -X 'POST' \
'<qualys_base_url>/certview/v2/certificates' \
-H 'accept: application/json' \
-H 'Authorization: Bearer <JWT Token>' \
-H 'Content-Type: application/json' \
-d '{
"filter": {
"filters": [
{
"field": "instance.sslProtocol",
"value": "TLSv1.2",
"operator": "EQUALS"
}
],
"operation": "AND"
},
"pageNumber": 0,
"pageSize": 10,
"includes": [
"SSL_PROTOCOLS"
],
"assetType": "MANAGED"
}
Response
[
{
"id": 44xxx83,
"certhash": "a2cxxxxxxxxxxxxxxx994fdabf1f59a7570615e1ca2d26b6e4657e6b5a01b93c",
"keySize": 256,
"serialNumber": "061d501a758700b72120a2e8c74a51cd667f",
"validToDate": "2026-02-07T15:37:51.000+00:00",
"validTo": 1770478671000,
"validFromDate": "2025-11-09T15:37:52.000+00:00",
"validFrom": 1762702672000,
"signatureAlgorithm": "SHA384withECDSA",
"extendedValidation": false,
"createdDate": "2025-11-10T08:36:15.000+00:00",
"dn": "CN=www.qualys.com",
"subject": {
"organization": "",
"locality": "",
"name": "www.qualys.com",
"state": "",
"country": "",
"organizationUnit": []
},
"updateDate": "2026-01-06T04:49:03.000+00:00",
"lastFound": 1767674943000,
"imported": false,
"selfSigned": false,
"issuer": {
"organization": "Let's Encrypt",
"organizationUnit": [],
"name": "www.qualys.com",
"country": "US",
"state": "",
"certhash": "836xxxxxxxxxxxxxxxc18a67cb7a9c0519da43d11775b4c6cbdad45c3d997c52",
"locality": ""
},
"rootissuer": {
"organization": "Internet Security Research Group",
"organizationUnit": [],
"name": "www.qualys.com",
"country": "US",
"state": "",
"certhash": "96bcec06264976f37460779acf28c5a7cfe8a3c0aae11a8ffcee05c0bddf08c6",
"locality": ""
},
"issuerCategory": "unapproved",
"instanceCount": 1,
"assetCount": 1,
"sources": [
"VM"
],
"type": "Leaf",
"publicKeyAlgorithm": "EC",
"revocationStatus": "Unknown",
"assets": [
{
"id": 77714122,
"uuid": "b2220f0a-4b01-436d-b183-96228153bbd2",
"netbiosName": "",
"name": "www.qualys.com",
"operatingSystem": "SUSE Linux Enterprise Server 15 SP3",
"primaryIp": "xxx.xxx.xxx.xxx",
"created": "2025-09-25T10:45:13.000+00:00",
"updated": "2026-01-06T04:56:07.000+00:00",
"hostInstances": [
{
"id": 37xxx768,
"port": 443,
"fqdn": "",
"protocol": "tcp",
"service": "https",
"grade": "A",
"sslProtocols": [
"TLSv1.2",
"TLSv1.3"
],
"pqcSupport": true
}
]
}
]
}
]
Sample: Response to include Cipher SuitesSample: Response to include Cipher Suites
API Request
curl -X 'POST' \
'<qualys_base_url>/certview/v2/certificates' \
-H 'accept: application/json' \
-H 'Authorization: Bearer <JWT Token>' \
-H 'Content-Type: application/json' \
-d '{
"filter": {
"filters": [
{
"field": "instance.port",
"value": "443",
"operator": "EQUALS"
}
],
"operation": "AND"
},
"pageNumber": 0,
"pageSize": 10,
"includes": [
"CIPHER_SUITES"
],
"assetType": "MANAGED"
}
Response
[
[
{
"id": 17016,
"certhash": "e95eb6907f3e5b4b397b0bfc1d48bf6560f7868dc2a5aa0c65f15fde48d66eac",
"keySize": 1024,
"serialNumber": "00d31175076e82618f",
"validToDate": "2019-09-12T06:10:50.000+00:00",
"validTo": 1568268650000,
"validFromDate": "2019-08-13T06:10:50.000+00:00",
"validFrom": 1565676650000,
"signatureAlgorithm": "SHA256withRSA",
"extendedValidation": false,
"createdDate": "2022-10-26T10:02:02.000+00:00",
"dn": "www.qualys.com, CN=www.qualys.com
"subject": {
"organization": "Qualys",
"locality": "kanpur",
"name": "www.qualys.com",
"state": "Up",
"country": "IN",
"organizationUnit": [
"Dev"
]
},
"updateDate": "2026-01-13T05:45:10.000+00:00",
"lastFound": 1768283110000,
"imported": false,
"selfSigned": true,
"issuer": {
"organization": "Qualys",
"organizationUnit": [
"Dev"
],
"name": "www.qualys.com",
"country": "IN",
"state": "Up",
"certhash": "",
"locality": "kanpur"
},
"issuerCategory": "Self-Signed",
"instanceCount": 1,
"assetCount": 1,
"sources": [
"VM"
],
"type": "Leaf",
"publicKeyAlgorithm": "",
"revocationStatus": "Not Available",
"assets": [
{
"id": 50293148,
"uuid": "1dc38361-34df-4646-ad59-1375da766fd8",
"netbiosName": "WIN-P8S24QHD09L",
"name": "www.qualys.com",
"operatingSystem": "Microsoft Windows Server 2019 Standard (1809)",
"primaryIp": "xx.xxx.xxx.xxx",
"created": "2024-10-23T03:46:16.000+00:00",
"updated": "2026-01-08T13:22:14.000+00:00",
"hostInstances": [
{
"id": 38xxxx21,
"port": 443,
"fqdn": "",
"protocol": "tcp",
"service": "https",
"grade": "T",
"pqcSupport": false,
"cipherSuites": [
{
"name": "AES128-SHA",
"category": "INSECURE"
},
{
"name": "ECDHE-RSA-AES128-GCM-SHA256",
"category": "GOOD"
},
{
"name": "ECDHE-RSA-AES128-SHA256",
"category": "INSECURE"
},
{
"name": "ECDHE-RSA-AES256-GCM-SHA384",
"category": "GOOD"
},
{
"name": "DHE-RSA-AES256-GCM-SHA384",
"category": "GOOD"
},
{
"name": "DES-CBC3-SHA",
"category": "INSECURE"
},
{
"name": "AES128-GCM-SHA256",
"category": "GOOD"
},
{
"name": "DHE-RSA-AES128-GCM-SHA256",
"category": "GOOD"
},
{
"name": "ECDHE-RSA-AES256-SHA384",
"category": "INSECURE"
},
{
"name": "AES256-SHA",
"category": "INSECURE"
},
{
"name": "ECDHE-RSA-AES256-SHA",
"category": "INSECURE"
},
{
"name": "AES128-SHA256",
"category": "INSECURE"
},
{
"name": "AES256-GCM-SHA384",
"category": "GOOD"
},
{
"name": "AES256-SHA256",
"category": "INSECURE"
},
{
"name": "ECDHE-RSA-AES128-SHA",
"category": "INSECURE"
}
]
}
]
}
]
},
{
"id": 1461996,
"certhash": "cxxxxxxxxxxxxxxxb3ca8cc7867b9a587b5277973957917463fc813d0b625a9",
"keySize": 2048,
"serialNumber": "0cf5bd062b5602f47ab8502c23ccf066",
"validToDate": "2031-03-29T23:59:59.000+00:00",
"validTo": 1932595199000,
"validFromDate": "2021-03-30T00:00:00.000+00:00",
"validFrom": 1617062400000,
"signatureAlgorithm": "SHA256withRSA",
"extendedValidation": false,
"createdDate": "2024-07-01T04:33:59.000+00:00",
"dn": "CN=www.qualys.com, O=www.qualys.com, C=US",
"subject": {
"organization": "DigiCert Inc",
"locality": "",
"name": "www.qualys.com",
"state": "",
"country": "US",
"organizationUnit": []
},
"updateDate": "2026-01-13T05:45:10.000+00:00",
"lastFound": 1768283110000,
"imported": true,
"selfSigned": false,
"issuer": {
"organization": "DigiCert Inc",
"organizationUnit": [
"www.qualys.com"
],
"name": "www.qualys.com",
"country": "US",
"state": "",
"certhash": "cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f",
"locality": ""
},
"rootissuer": {
"organization": "DigiCert Inc",
"organizationUnit": [
"www.digicert.com"
],
"name": "www.qualys.com",
"country": "US",
"state": "",
"certhash": "cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f",
"locality": ""
},
"issuerCategory": "unapproved",
"instanceCount": 4,
"assetCount": 4,
"sources": [
"VM"
],
"type": "Intermediate",
"publicKeyAlgorithm": "",
"revocationStatus": "Unknown",
"assets": [
{
"id": 45197700,
"uuid": "8ae40c50-40d7-446d-a815-1dad55e496c2",
"netbiosName": "",
"name": "www.qualys.com",
"operatingSystem": "Tandberg Device / CentOS",
"primaryIp": "xx.xx.xxx.xx",
"created": "2024-06-24T19:28:27.000+00:00",
"updated": "2026-01-08T18:24:25.000+00:00",
"hostInstances": [
{
"id": 37751824,
"port": 443,
"fqdn": "",
"protocol": "tcp",
"service": "https",
"grade": "A+",
"pqcSupport": false,
"cipherSuites": [
{
"name": "TLS13-AES-256-GCM-SHA384",
"category": "GOOD"
},
{
"name": "ECDHE-RSA-AES256-GCM-SHA384",
"category": "GOOD"
},
{
"name": "DHE-RSA-AES256-GCM-SHA384",
"category": "GOOD"
},
{
"name": "DHE-RSA-AES256-CCM",
"category": "GOOD"
}
]
}
]
},
{
"id": 44276804,
"uuid": "6ef04d50-2930-47be-a4b1-9b4d3c4a3ac7",
"netbiosName": "",
"name": "www.qualys.com",
"operatingSystem": "Tandberg Device / CentOS",
"primaryIp": "xx.xx.xxx.xx",
"created": "2024-05-15T08:56:33.000+00:00",
"updated": "2026-01-12T21:19:14.000+00:00",
"hostInstances": [
{
"id": 37751828,
"port": 443,
"fqdn": "",
"protocol": "tcp",
"service": "https",
"grade": "A-",
"pqcSupport": false,
"cipherSuites": [
{
"name": "ECDHE-RSA-AES128-GCM-SHA256",
"category": "GOOD"
},
{
"name": "TLS13-AES-256-GCM-SHA384",
"category": "GOOD"
},
{
"name": "ECDHE-RSA-AES256-GCM-SHA384",
"category": "GOOD"
}
]
}
]
},
{
"id": 74426950,
"uuid": "9f240502-ac50-4325-910e-ee7ee4a0c754",
"netbiosName": "",
"name": "jira01.b01.eng.sjc01.qualys.com",
"operatingSystem": "Debian Project Debian Bookworm (12)",
"primaryIp": "10.44.201.67",
"created": "2025-08-13T09:49:47.000+00:00",
"updated": "2026-01-09T00:22:21.000+00:00",
"hostInstances": [
{
"id": 37750658,
"port": 443,
"fqdn": "",
"protocol": "tcp",
"service": "https",
"grade": "A+",
"pqcSupport": false,
"cipherSuites": [
{
"name": "AES128-SHA",
"category": "INSECURE"
},
{
"name": "TLS13-AES-256-GCM-SHA384",
"category": "GOOD"
},
{
"name": "AES256-SHA",
"category": "INSECURE"
}
]
}
]
},
{
"id": 82308778,
"uuid": "6d6ece32-52c7-4b47-b0d0-a85a9ebac085",
"netbiosName": "",
"name": "config-review.intranet.qualys.com",
"operatingSystem": "SUSE Linux Enterprise Server 15 SP3",
"primaryIp": "10.44.201.217",
"created": "2025-12-26T04:53:11.000+00:00",
"updated": "2025-12-26T04:53:11.000+00:00",
"hostInstances": [
{
"id": 37893766,
"port": 443,
"fqdn": "",
"protocol": "tcp",
"service": "https",
"grade": "A-",
"pqcSupport": false,
"cipherSuites": [
{
"name": "AES128-SHA",
"category": "INSECURE"
},
{
"name": "ECDHE-RSA-AES128-GCM-SHA256",
"category": "GOOD"
},
{
"name": "TLS13-AES-256-GCM-SHA384",
"category": "GOOD"
},
{
"name": "ECDHE-RSA-AES128-SHA256",
"category": "INSECURE"
},
{
"name": "ECDHE-RSA-AES256-GCM-SHA384",
"category": "GOOD"
},
{
"name": "AES128-GCM-SHA256",
"category": "GOOD"
},
{
"name": "ECDHE-RSA-AES256-SHA384",
"category": "INSECURE"
},
{
"name": "AES256-SHA",
"category": "INSECURE"
},
{
"name": "ECDHE-RSA-AES256-SHA",
"category": "INSECURE"
},
{
"name": "AES128-SHA256",
"category": "INSECURE"
},
{
"name": "AES256-GCM-SHA384",
"category": "GOOD"
},
{
"name": "AES256-SHA256",
"category": "INSECURE"
},
{
"name": "ECDHE-RSA-AES128-SHA",
"category": "INSECURE"
},
{
"name": "AES128-CCM",
"category": "GOOD"
},
{
"name": "AES256-CCM",
"category": "GOOD"
}
]
}
]
}
]
},
{
"id": 4270508,
"certhash": "3df9f45e868ab5bc0d839eac6b249555f37b21eb1e55ede8d122a681ea8f5d07",
"keySize": 2048,
"serialNumber": "0de8e283b9b099cbce7713be4ded5454",
"validToDate": "2026-08-20T23:59:59.000+00:00",
"validTo": 1787270399000,
"validFromDate": "2025-08-21T00:00:00.000+00:00",
"validFrom": 1755734400000,
"signatureAlgorithm": "SHA256withRSA",
"extendedValidation": false,
"createdDate": "2025-08-21T17:24:09.000+00:00",
"dn": "CN=jira.intranet.qualys.com, O=\"Qualys, Inc.\", L=Foster City, ST=California, C=US",
"subject": {
"organization": "Qualys, Inc.",
"locality": "Foster City",
"name": "jira.intranet.qualys.com",
"state": "California",
"country": "US",
"organizationUnit": []
},
"updateDate": "2026-01-09T00:19:44.000+00:00",
"lastFound": 1767917984000,
"imported": false,
"selfSigned": false,
"issuer": {
"organization": "DigiCert Inc",
"organizationUnit": [],
"name": "DigiCert Global G2 TLS RSA SHA256 2020 CA1",
"country": "US",
"state": "",
"certhash": "c8025f9fc65fdfc95b3ca8cc7867b9a587b5277973957917463fc813d0b625a9",
"locality": ""
},
"rootissuer": {
"organization": "DigiCert Inc",
"organizationUnit": [
"www.digicert.com"
],
"name": "DigiCert Global Root G2",
"country": "US",
"state": "",
"certhash": "cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f",
"locality": ""
},
"issuerCategory": "DigiCert Global G2 TLS RSA SHA256 2020 CA1",
"instanceCount": 1,
"assetCount": 1,
"sources": [
"VM"
],
"type": "Leaf",
"publicKeyAlgorithm": "RSA",
"revocationStatus": "Not Revoked",
"assets": [
{
"id": 74426950,
"uuid": "9f240502-ac50-4325-910e-ee7ee4a0c754",
"netbiosName": "",
"name": "jira01.b01.eng.sjc01.qualys.com",
"operatingSystem": "Debian Project Debian Bookworm (12)",
"primaryIp": "10.44.201.67",
"created": "2025-08-13T09:49:47.000+00:00",
"updated": "2026-01-09T00:22:21.000+00:00",
"hostInstances": [
{
"id": 37750657,
"port": 443,
"fqdn": "",
"protocol": "tcp",
"service": "https",
"grade": "A+",
"pqcSupport": false,
"cipherSuites": [
{
"name": "AES128-SHA",
"category": "INSECURE"
},
{
"name": "TLS13-AES-256-GCM-SHA384",
"category": "GOOD"
},
{
"name": "AES256-SHA",
"category": "INSECURE"
}
]
}
]
}
]
},
{
"id": 4313452,
"certhash": "a11799dd9e34a4720e497f3aff0bfc6b24efa4d9aa770e1cd4fb9230e0a5019b",
"keySize": 2048,
"serialNumber": "0ea0a9aabbde4cab934da0f10b1c42ef",
"validToDate": "2026-08-25T23:59:59.000+00:00",
"validTo": 1787702399000,
"validFromDate": "2025-08-26T00:00:00.000+00:00",
"validFrom": 1756166400000,
"signatureAlgorithm": "SHA256withRSA",
"extendedValidation": false,
"createdDate": "2025-08-27T17:44:11.000+00:00",
"dn": "CN=qwiki.intranet.qualys.com, O=\"Qualys, Inc.\", L=Foster City, ST=California, C=US",
"subject": {
"organization": "Qualys, Inc.",
"locality": "Foster City",
"name": "qwiki.intranet.qualys.com",
"state": "California",
"country": "US",
"organizationUnit": []
},
"updateDate": "2026-01-08T18:20:35.000+00:00",
"lastFound": 1767896435000,
"imported": false,
"selfSigned": false,
"issuer": {
"organization": "DigiCert Inc",
"organizationUnit": [],
"name": "DigiCert Global G2 TLS RSA SHA256 2020 CA1",
"country": "US",
"state": "",
"certhash": "c8025f9fc65fdfc95b3ca8cc7867b9a587b5277973957917463fc813d0b625a9",
"locality": ""
},
"rootissuer": {
"organization": "DigiCert Inc",
"organizationUnit": [
"www.digicert.com"
],
"name": "DigiCert Global Root G2",
"country": "US",
"state": "",
"certhash": "cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f",
"locality": ""
},
"issuerCategory": "DigiCert Global G2 TLS RSA SHA256 2020 CA1",
"instanceCount": 1,
"assetCount": 1,
"sources": [
"VM"
],
"type": "Leaf",
"publicKeyAlgorithm": "RSA",
"revocationStatus": "Not Revoked",
"assets": [
{
"id": 45197700,
"uuid": "8ae40c50-40d7-446d-a815-1dad55e496c2",
"netbiosName": "",
"name": "qwiki.intranet.qualys.com",
"operatingSystem": "Tandberg Device / CentOS",
"primaryIp": "10.44.201.71",
"created": "2024-06-24T19:28:27.000+00:00",
"updated": "2026-01-08T18:24:25.000+00:00",
"hostInstances": [
{
"id": 37899685,
"port": 443,
"fqdn": "",
"protocol": "tcp",
"service": "https",
"grade": "A+",
"pqcSupport": false,
"cipherSuites": [
{
"name": "TLS13-AES-256-GCM-SHA384",
"category": "GOOD"
},
{
"name": "ECDHE-RSA-AES256-GCM-SHA384",
"category": "GOOD"
},
{
"name": "DHE-RSA-AES256-GCM-SHA384",
"category": "GOOD"
},
{
"name": "DHE-RSA-AES256-CCM",
"category": "GOOD"
}
]
}
]
}
]
},
{
"id": 4347291,
"certhash": "c2887b9e5fcb91dca247b4edec4d05bca83d7a0ac312124123b6366ad566cd0e",
"keySize": 2048,
"serialNumber": "0e160c5e9fce837b56fc058fb1cbc24c",
"validToDate": "2026-08-25T23:59:59.000+00:00",
"validTo": 1787702399000,
"validFromDate": "2025-08-26T00:00:00.000+00:00",
"validFrom": 1756166400000,
"signatureAlgorithm": "SHA256withRSA",
"extendedValidation": false,
"createdDate": "2025-09-11T00:17:34.000+00:00",
"dn": "CN=stash.intranet.qualys.com, O=\"Qualys, Inc.\", L=Foster City, ST=California, C=US",
"subject": {
"organization": "Qualys, Inc.",
"locality": "Foster City",
"name": "stash.intranet.qualys.com",
"state": "California",
"country": "US",
"organizationUnit": []
},
"updateDate": "2026-01-12T21:16:19.000+00:00",
"lastFound": 1768252579000,
"imported": false,
"selfSigned": false,
"issuer": {
"organization": "DigiCert Inc",
"organizationUnit": [],
"name": "DigiCert Global G2 TLS RSA SHA256 2020 CA1",
"country": "US",
"state": "",
"certhash": "c8025f9fc65fdfc95b3ca8cc7867b9a587b5277973957917463fc813d0b625a9",
"locality": ""
},
"rootissuer": {
"organization": "DigiCert Inc",
"organizationUnit": [
"www.digicert.com"
],
"name": "DigiCert Global Root G2",
"country": "US",
"state": "",
"certhash": "cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f",
"locality": ""
},
"issuerCategory": "DigiCert Global G2 TLS RSA SHA256 2020 CA1",
"instanceCount": 1,
"assetCount": 1,
"sources": [
"VM"
],
"type": "Leaf",
"publicKeyAlgorithm": "RSA",
"revocationStatus": "Not Revoked",
"assets": [
{
"id": 44276804,
"uuid": "6ef04d50-2930-47be-a4b1-9b4d3c4a3ac7",
"netbiosName": "",
"name": "stash.intranet.qualys.com",
"operatingSystem": "Tandberg Device / CentOS",
"primaryIp": "10.44.201.69",
"created": "2024-05-15T08:56:33.000+00:00",
"updated": "2026-01-12T21:19:14.000+00:00",
"hostInstances": [
{
"id": 37751829,
"port": 443,
"fqdn": "",
"protocol": "tcp",
"service": "https",
"grade": "A-",
"pqcSupport": false,
"cipherSuites": [
{
"name": "ECDHE-RSA-AES128-GCM-SHA256",
"category": "GOOD"
},
{
"name": "TLS13-AES-256-GCM-SHA384",
"category": "GOOD"
},
{
"name": "ECDHE-RSA-AES256-GCM-SHA384",
"category": "GOOD"
}
]
}
]
}
]
},
{
"id": 4468682,
"certhash": "83624fd338c8d9b023c18a67cb7a9c0519da43d11775b4c6cbdad45c3d997c52",
"keySize": 384,
"serialNumber": "63959363c24e7082715918bfc3d7ed56",
"validToDate": "2027-03-12T23:59:59.000+00:00",
"validTo": 1804895999000,
"validFromDate": "2024-03-13T00:00:00.000+00:00",
"validFrom": 1710288000000,
"signatureAlgorithm": "SHA256withRSA",
"extendedValidation": false,
"createdDate": "2025-11-10T08:36:15.000+00:00",
"dn": "CN=E8, O=Let's Encrypt, C=US",
"subject": {
"organization": "Let's Encrypt",
"locality": "",
"name": "E8",
"state": "",
"country": "US",
"organizationUnit": []
},
"updateDate": "2026-01-06T04:49:03.000+00:00",
"lastFound": 1767674943000,
"imported": false,
"selfSigned": false,
"issuer": {
"organization": "Internet Security Research Group",
"organizationUnit": [],
"name": "ISRG Root X1",
"country": "US",
"state": "",
"certhash": "96bcec06264976f37460779acf28c5a7cfe8a3c0aae11a8ffcee05c0bddf08c6",
"locality": ""
},
"rootissuer": {
"organization": "Internet Security Research Group",
"organizationUnit": [],
"name": "ISRG Root X1",
"country": "US",
"state": "",
"certhash": "96bcec06264976f37460779acf28c5a7cfe8a3c0aae11a8ffcee05c0bddf08c6",
"locality": ""
},
"issuerCategory": "unapproved",
"instanceCount": 1,
"assetCount": 1,
"sources": [
"VM"
],
"type": "Intermediate",
"publicKeyAlgorithm": "EC",
"revocationStatus": "Not Revoked",
"assets": [
{
"id": 77714122,
"uuid": "b2220f0a-4b01-436d-b183-96228153bbd2",
"netbiosName": "",
"name": "c5.f5.b19e.ip4.static.sl-reverse.com",
"operatingSystem": "SUSE Linux Enterprise Server 15 SP3",
"primaryIp": "158.177.245.197",
"created": "2025-09-25T10:45:13.000+00:00",
"updated": "2026-01-06T04:56:07.000+00:00",
"hostInstances": [
{
"id": 37893767,
"port": 443,
"fqdn": "",
"protocol": "tcp",
"service": "https",
"grade": "A",
"pqcSupport": true,
"cipherSuites": [
{
"name": "TLS13-AES-256-GCM-SHA384",
"category": "GOOD"
},
{
"name": "TLS13-AES-128-GCM-SHA256",
"category": "GOOD"
},
{
"name": "TLS13-CHACHA20-POLY1305-SHA256",
"category": "GOOD"
},
{
"name": "ECDHE-ECDSA-AES128-GCM-SHA256",
"category": "GOOD"
},
{
"name": "ECDHE-ECDSA-AES256-GCM-SHA384",
"category": "GOOD"
},
{
"name": "ECDHE-ECDSA-CHACHA20-POLY1305",
"category": "GOOD"
},
{
"name": "ECDHE-ECDSA-AES128-CCM",
"category": "GOOD"
},
{
"name": "ECDHE-ECDSA-AES128-SHA",
"category": "INSECURE"
},
{
"name": "ECDHE-ECDSA-ARIA128-GCM-SHA256",
"category": "GOOD"
},
{
"name": "ECDHE-ECDSA-CAMELLIA256-SHA384",
"category": "INSECURE"
},
{
"name": "ECDHE-ECDSA-CAMELLIA128-SHA256",
"category": "INSECURE"
},
{
"name": "ECDHE-ECDSA-AES256-CCM",
"category": "GOOD"
},
{
"name": "ECDHE-ECDSA-AES256-SHA384",
"category": "INSECURE"
},
{
"name": "ECDHE-ECDSA-AES128-SHA256",
"category": "INSECURE"
},
{
"name": "ECDHE-ECDSA-ARIA256-GCM-SHA384",
"category": "GOOD"
},
{
"name": "ECDHE-ECDSA-AES256-SHA",
"category": "INSECURE"
}
]
}
]
}
]
},
{
"id": 4468683,
"certhash": "a2c751f5539b7b72ed994fdabf1f59a7570615e1ca2d26b6e4657e6b5a01b93c",
"keySize": 256,
"serialNumber": "061d501a758700b72120a2e8c74a51cd667f",
"validToDate": "2026-02-07T15:37:51.000+00:00",
"validTo": 1770478671000,
"validFromDate": "2025-11-09T15:37:52.000+00:00",
"validFrom": 1762702672000,
"signatureAlgorithm": "SHA384withECDSA",
"extendedValidation": false,
"createdDate": "2025-11-10T08:36:15.000+00:00",
"dn": "CN=test.openquantumsafe.org",
"subject": {
"organization": "",
"locality": "",
"name": "test.openquantumsafe.org",
"state": "",
"country": "",
"organizationUnit": []
},
"updateDate": "2026-01-06T04:49:03.000+00:00",
"lastFound": 1767674943000,
"imported": false,
"selfSigned": false,
"issuer": {
"organization": "Let's Encrypt",
"organizationUnit": [],
"name": "E8",
"country": "US",
"state": "",
"certhash": "83624fd338c8d9b023c18a67cb7a9c0519da43d11775b4c6cbdad45c3d997c52",
"locality": ""
},
"rootissuer": {
"organization": "Internet Security Research Group",
"organizationUnit": [],
"name": "ISRG Root X1",
"country": "US",
"state": "",
"certhash": "96bcec06264976f37460779acf28c5a7cfe8a3c0aae11a8ffcee05c0bddf08c6",
"locality": ""
},
"issuerCategory": "unapproved",
"instanceCount": 1,
"assetCount": 1,
"sources": [
"VM"
],
"type": "Leaf",
"publicKeyAlgorithm": "EC",
"revocationStatus": "Unknown",
"assets": [
{
"id": 77714122,
"uuid": "b2220f0a-4b01-436d-b183-96228153bbd2",
"netbiosName": "",
"name": "c5.f5.b19e.ip4.static.sl-reverse.com",
"operatingSystem": "SUSE Linux Enterprise Server 15 SP3",
"primaryIp": "158.177.245.197",
"created": "2025-09-25T10:45:13.000+00:00",
"updated": "2026-01-06T04:56:07.000+00:00",
"hostInstances": [
{
"id": 37893768,
"port": 443,
"fqdn": "",
"protocol": "tcp",
"service": "https",
"grade": "A",
"pqcSupport": true,
"cipherSuites": [
{
"name": "TLS13-AES-256-GCM-SHA384",
"category": "GOOD"
},
{
"name": "TLS13-AES-128-GCM-SHA256",
"category": "GOOD"
},
{
"name": "TLS13-CHACHA20-POLY1305-SHA256",
"category": "GOOD"
},
{
"name": "ECDHE-ECDSA-AES128-GCM-SHA256",
"category": "GOOD"
},
{
"name": "ECDHE-ECDSA-AES256-GCM-SHA384",
"category": "GOOD"
},
{
"name": "ECDHE-ECDSA-CHACHA20-POLY1305",
"category": "GOOD"
},
{
"name": "ECDHE-ECDSA-AES128-CCM",
"category": "GOOD"
},
{
"name": "ECDHE-ECDSA-AES128-SHA",
"category": "INSECURE"
},
{
"name": "ECDHE-ECDSA-ARIA128-GCM-SHA256",
"category": "GOOD"
},
{
"name": "ECDHE-ECDSA-CAMELLIA256-SHA384",
"category": "INSECURE"
},
{
"name": "ECDHE-ECDSA-CAMELLIA128-SHA256",
"category": "INSECURE"
},
{
"name": "ECDHE-ECDSA-AES256-CCM",
"category": "GOOD"
},
{
"name": "ECDHE-ECDSA-AES256-SHA384",
"category": "INSECURE"
},
{
"name": "ECDHE-ECDSA-AES128-SHA256",
"category": "INSECURE"
},
{
"name": "ECDHE-ECDSA-ARIA256-GCM-SHA384",
"category": "GOOD"
},
{
"name": "ECDHE-ECDSA-AES256-SHA",
"category": "INSECURE"
}
]
}
]
}
]
},
{
"id": 4486575,
"certhash": "610ff05f60f8670e21e6c97f625a603561c83e16799655138f57843e4c156e57",
"keySize": 2048,
"serialNumber": "0be619a0b2c8112efa8b5c84bac8e784",
"validToDate": "2026-03-02T23:59:59.000+00:00",
"validTo": 1772495999000,
"validFromDate": "2025-03-03T00:00:00.000+00:00",
"validFrom": 1740960000000,
"signatureAlgorithm": "SHA256withRSA",
"extendedValidation": false,
"createdDate": "2025-12-26T04:53:11.000+00:00",
"dn": "CN=config-review.intranet.qualys.com, O=\"Qualys, Inc.\", L=Foster City, ST=California, C=US",
"subject": {
"organization": "Qualys, Inc.",
"locality": "Foster City",
"name": "config-review.intranet.qualys.com",
"state": "California",
"country": "US",
"organizationUnit": []
},
"updateDate": "2025-12-26T04:53:11.000+00:00",
"lastFound": 1766724791000,
"imported": false,
"selfSigned": false,
"issuer": {
"organization": "DigiCert Inc",
"organizationUnit": [],
"name": "DigiCert Global G2 TLS RSA SHA256 2020 CA1",
"country": "US",
"state": "",
"certhash": "c8025f9fc65fdfc95b3ca8cc7867b9a587b5277973957917463fc813d0b625a9",
"locality": ""
},
"rootissuer": {
"organization": "DigiCert Inc",
"organizationUnit": [
"www.digicert.com"
],
"name": "DigiCert Global Root G2",
"country": "US",
"state": "",
"certhash": "cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f",
"locality": ""
},
"issuerCategory": "DigiCert Global G2 TLS RSA SHA256 2020 CA1",
"instanceCount": 1,
"assetCount": 1,
"sources": [
"VM"
],
"type": "Leaf",
"publicKeyAlgorithm": "RSA",
"revocationStatus": "Scan Pending",
"assets": [
{
"id": 82308778,
"uuid": "6d6ece32-52c7-4b47-b0d0-a85a9ebac085",
"netbiosName": "",
"name": "config-review.intranet.qualys.com",
"operatingSystem": "SUSE Linux Enterprise Server 15 SP3",
"primaryIp": "10.44.201.217",
"created": "2025-12-26T04:53:11.000+00:00",
"updated": "2025-12-26T04:53:11.000+00:00",
"hostInstances": [
{
"id": 37893765,
"port": 443,
"fqdn": "",
"protocol": "tcp",
"service": "https",
"grade": "A-",
"pqcSupport": false,
"cipherSuites": [
{
"name": "AES128-SHA",
"category": "INSECURE"
},
{
"name": "ECDHE-RSA-AES128-GCM-SHA256",
"category": "GOOD"
},
{
"name": "TLS13-AES-256-GCM-SHA384",
"category": "GOOD"
},
{
"name": "ECDHE-RSA-AES128-SHA256",
"category": "INSECURE"
},
{
"name": "ECDHE-RSA-AES256-GCM-SHA384",
"category": "GOOD"
},
{
"name": "AES128-GCM-SHA256",
"category": "GOOD"
},
{
"name": "ECDHE-RSA-AES256-SHA384",
"category": "INSECURE"
},
{
"name": "AES256-SHA",
"category": "INSECURE"
},
{
"name": "ECDHE-RSA-AES256-SHA",
"category": "INSECURE"
},
{
"name": "AES128-SHA256",
"category": "INSECURE"
},
{
"name": "AES256-GCM-SHA384",
"category": "GOOD"
},
{
"name": "AES256-SHA256",
"category": "INSECURE"
},
{
"name": "ECDHE-RSA-AES128-SHA",
"category": "INSECURE"
},
{
"name": "AES128-CCM",
"category": "GOOD"
},
{
"name": "AES256-CCM",
"category": "GOOD"
}
]
}
]
}
]
}
]
Sample: Response to include Asset TagsSample: Response to include Asset Tags
API Request
curl -X 'POST' \
'<qualys_base_url>/certview/v2/certificates' \
-H 'accept: application/json' \
-H 'Authorization: Bearer <JWT Token>' \
-H 'Content-Type: application/json' \
-d '{
"filter": {
"filters": [
{
"field": "asset.operatingSystem",
"value": "SUSE Linux Enterprise Server 15 SP3",
"operator": "EQUALS"
}
],
"operation": "AND"
},
"pageNumber": 0,
"pageSize": 10,
"includes": [
"ASSET_TAGS"
],
"assetType": "MANAGED"
}
Response
[
{
"id": 4468683,
"certhash": "axxxxxxxxxxxxxxxed994fdabf1f59a7570615e1ca2d26b6e4657e6b5a01b93c",
"keySize": 256,
"serialNumber": "061d501a758700b72120a2e8c74a51cd667f",
"validToDate": "2026-02-07T15:37:51.000+00:00",
"validTo": 1770478671000,
"validFromDate": "2025-11-09T15:37:52.000+00:00",
"validFrom": 1762702672000,
"signatureAlgorithm": "SHA384withECDSA",
"extendedValidation": false,
"createdDate": "2025-11-10T08:36:15.000+00:00",
"dn": "CN=www.qualys.com",
"subject": {
"organization": "",
"locality": "",
"name": "www.qualys.com",
"state": "",
"country": "",
"organizationUnit": []
},
"updateDate": "2026-01-06T04:49:03.000+00:00",
"lastFound": 1767674943000,
"imported": false,
"selfSigned": false,
"issuer": {
"organization": "Let's Encrypt",
"organizationUnit": [],
"name": "www.qualys.com",
"country": "US",
"state": "",
"certhash": "83xxxxxxxxxxxxxxx3c18a67cb7a9c0519da43d11775b4c6cbdad45c3d997c52",
"locality": ""
},
"rootissuer": {
"organization": "Internet Security Research Group",
"organizationUnit": [],
"name": "www.qualys.com",
"country": "US",
"state": "",
"certhash": "96xxxxxxxxxxxxxxx460779acf28c5a7cfe8a3c0aae11a8ffcee05c0bddf08c6",
"locality": ""
},
"issuerCategory": "unapproved",
"instanceCount": 1,
"assetCount": 1,
"sources": [
"VM"
],
"type": "Leaf",
"publicKeyAlgorithm": "EC",
"revocationStatus": "Unknown",
"assets": [
{
"id": 77714122,
"uuid": "b2220f0a-4b01-436d-b183-96228153bbd2",
"netbiosName": "",
"name": "cwww.qualys.com",
"operatingSystem": "SUSE Linux Enterprise Server 15 SP3",
"tags": [
{
"name": "Internet Facing Assets",
"uuid": "ddc5ee2b-44e5-45e8-9c80-19992abd4d41"
}
],
"primaryIp": "xxx.xxx.xxx.xxx",
"created": "2025-09-25T10:45:13.000+00:00",
"updated": "2026-01-06T04:56:07.000+00:00",
"hostInstances": [
{
"id": 37893768,
"port": 443,
"fqdn": "",
"protocol": "tcp",
"service": "https",
"grade": "A",
"pqcSupport": true
}
]
}
]
}
]
API Request
curl -X 'POST' \
'<qualys_base_url>/certview/v2/certificates' \
-H 'accept: application/json' \
-H 'Authorization: Bearer <JWT Token>' \
-H 'Content-Type: application/json' \
-d '{
"filter": {
"filters": [
{
"field": "certificate.signatureAlgorithm",
"value": "SHA384withECDSA",
"operator": "EQUALS"
}
],
"operation": "AND"
},
"pageNumber": 0,
"pageSize": 10,
"includes": [
"EXTENSIVE_CERTIFICATE_INFO"
],
"assetType": "MANAGED"
}
Response
[
[
{
"id": 4468683,
"certhash": "axxxxxxxxxxxxxxxed994fdabf1f59a7570615e1ca2d26b6e4657e6b5a01b93c",
"keySize": 256,
"serialNumber": "061d501a758700b72120a2e8c74a51cd667f",
"validToDate": "2026-02-07T15:37:51.000+00:00",
"validTo": 1770478671000,
"validFromDate": "2025-11-09T15:37:52.000+00:00",
"validFrom": 1762702672000,
"signatureAlgorithm": "SHA384withECDSA",
"extendedValidation": false,
"createdDate": "2025-11-10T08:36:15.000+00:00",
"dn": "CN=www.qualys.com",
"subject": {
"organization": "",
"locality": "",
"name": "www.qualys.com",
"state": "",
"country": "",
"organizationUnit": []
},
"updateDate": "2026-01-06T04:49:03.000+00:00",
"lastFound": 1767674943000,
"imported": false,
"selfSigned": false,
"issuer": {
"organization": "Let's Encrypt",
"organizationUnit": [],
"name": "www.qualys.com",
"country": "US",
"state": "",
"certhash": "83xxxxxxxxxxxxxxx3c18a67cb7a9c0519da43d11775b4c6cbdad45c3d997c52",
"locality": ""
},
"rootissuer": {
"organization": "Internet Security Research Group",
"organizationUnit": [],
"name": "www.qualys.com",
"country": "US",
"state": "",
"certhash": "96bcec06264976f37460779acf28c5a7cfe8a3c0aae11a8ffcee05c0bddf08c6",
"locality": ""
},
"issuerCategory": "unapproved",
"instanceCount": 1,
"assetCount": 1,
"sources": [
"VM"
],
"type": "Leaf",
"keyUsage": [
"Digital signature"
],
"enhancedKeyUsage": [
"1.3.6.1.5.5.7.3.1",
"1.3.6.1.5.5.7.3.2"
],
"subjectKeyIdentifier": "b6c75b1939d7afcc24cd9817a48850dd267971f4",
"authKeyIdentifier": "8f0d13a2f62e7ed1506c3318385d598e237291ca",
"subjectAlternativeNames": {
"DNS Name": [
"www.qualys.com"
],
"IP Address": null
},
"publicKeyAlgorithm": "EC",
"revocationStatus": "Unknown",
"assets": [
{
"id": 77714122,
"uuid": "b2220f0a-4b01-436d-b183-96228153bbd2",
"netbiosName": "",
"name": "www.qualys.com",
"operatingSystem": "SUSE Linux Enterprise Server 15 SP3",
"primaryIp": "xxx.xxx.xxx.xxx",
"created": "2025-09-25T10:45:13.000+00:00",
"updated": "2026-01-06T04:56:07.000+00:00",
"hostInstances": [
{
"id": 37xxxx68,
"port": 443,
"fqdn": "",
"protocol": "tcp",
"service": "https",
"grade": "A",
"pqcSupport": true
}
]
}
]
}
]
Sample: Response with Exclude filters onlySample: Response with Exclude filters only
API Request
curl -X 'POST' \
'<qualys_base_url>/certview/v2/certificates' \
-H 'accept: application/json' \
-H 'Authorization: Bearer <JWT Token>' \
-H 'Content-Type: application/json' \
-d '{
"filter": {
"filters": [
{
"field": "certificate.serialNumber",
"value": "061d501a758700b72120a2e8c74a51cd667f",
"operator": "EQUALS"
}
],
"operation": "AND"
},
"pageNumber": 0,
"pageSize": 10,
"excludeFields": "asset.hostInstances",
"assetType": "MANAGED"
}
Response
[
{
"id": 4468683,
"certhash": "a2c751f5539b7b72ed994fdabf1f59a7570615e1ca2d26b6e4657e6b5a01b93c",
"keySize": 256,
"serialNumber": "061d501a758700b72120a2e8c74a51cd667f",
"validToDate": "2026-02-07T15:37:51.000+00:00",
"validTo": 1770478671000,
"validFromDate": "2025-11-09T15:37:52.000+00:00",
"validFrom": 1762702672000,
"signatureAlgorithm": "SHA384withECDSA",
"extendedValidation": false,
"createdDate": "2025-11-10T08:36:15.000+00:00",
"dn": "CN=test.openquantumsafe.org",
"subject": {
"organization": "",
"locality": "",
"name": "test.openquantumsafe.org",
"state": "",
"country": "",
"organizationUnit": []
},
"updateDate": "2026-01-06T04:49:03.000+00:00",
"lastFound": 1767674943000,
"imported": false,
"selfSigned": false,
"issuer": {
"organization": "Let's Encrypt",
"organizationUnit": [],
"name": "E8",
"country": "US",
"state": "",
"certhash": "83624fd338c8d9b023c18a67cb7a9c0519da43d11775b4c6cbdad45c3d997c52",
"locality": ""
},
"rootissuer": {
"organization": "Internet Security Research Group",
"organizationUnit": [],
"name": "ISRG Root X1",
"country": "US",
"state": "",
"certhash": "96bcec06264976f37460779acf28c5a7cfe8a3c0aae11a8ffcee05c0bddf08c6",
"locality": ""
},
"issuerCategory": "unapproved",
"instanceCount": 1,
"assetCount": 1,
"sources": [
"VM"
],
"type": "Leaf",
"publicKeyAlgorithm": "EC",
"revocationStatus": "Unknown",
"assets": [
{
"id": 77714122,
"uuid": "b2220f0a-4b01-436d-b183-96228153bbd2",
"netbiosName": "",
"name": "c5.f5.b19e.ip4.static.sl-reverse.com",
"operatingSystem": "SUSE Linux Enterprise Server 15 SP3",
"primaryIp": "158.177.245.197",
"created": "2025-09-25T10:45:13.000+00:00",
"updated": "2026-01-06T04:56:07.000+00:00"
}
]
}
]
v2.1
Use this API to retrieve certificates. You can use various filters to search the required result. You can use multiple filters and parameters. We have updated the limit for fetching the certificates.
You can see only those assets that have been assigned by your manager user. When you send an API request, you can access information about the assets and their corresponding certificates assigned to you, based on scope. For more information on tag-based user scoping refer to Certificate View Online help.
If you need to fetch certificate search results that exceed 10000 certificates, you can use this v2 version of List CertView Certificate API. The response contains certificate details, including associated host information and SSL/TLS related vulnerabilities and grades.
The API response of this new version of API features an important new field that specifies the key algorithm in use, such as RSA or ECC, as well as the key size, including options like 256, 384, 512, and 768. This helps in identifying whether they are using RSA or ECC keys. You can use certificate.publicKeyAlgorithm as a filter value to get the response based on the key algorithm used.
Input ParametersInput Parameters
|
Parameter |
Mandatory/Optional |
Data Type |
Description |
|---|---|---|---|
|
filter |
Optional |
String |
Filter the events list by providing a query using Qualys syntax. If you do not provide filter parameter, it shows details of all the certificates. For the list of tokens you can use to build the query refer to Search tokens and supported format. |
|
pageNumber |
Optional |
Integer |
The page to be returned. The default value is zero. |
|
pageSize |
Optional |
Integer |
Provide the number of records per page to be included in the response. Default: 10 Maximum: 200 For example, the total result set is 50 assets. If the page size is specified as 10, then the result is divided in 5 pages with 10 assets each. |
|
includes |
Optional |
String |
Includes the specified parameters in the response For more details regarding the supported API versions and sample field values for the includes parameter, refer to the Include Parameter Reference. |
|
excludeFields |
Optional |
String |
Exclude the specified parameters from the response.
Note: You can exclude multiple fields in the same query by using comma-separated field names. For more details, refer to the the Compatible tokens, date formats and supported operators |
|
Authorization |
Mandatory |
String |
Authorization token to authenticate to the Qualys Cloud Platform. Prepend token with "Bearer" and one space. For example - Bearer authToken |
Notes: While creating your query, ensure the following:
-
Value field can not be empty when the comparison operator is other than IS_EMPTY and IS_NOT_EMPTY
-
There can not be more than 1000 values provided (in csv format) when operator is IN
-
CONTAINS operator does not work with field of type Date, Boolean and IP Address
-
GREATER, LESSER , GREATER_THAN_EQUAL and LESS_THAN_EQUAL do not work with Boolean, string and IP address.
Sample: Request and response using certificate.publicKeyAlgorithm filter valueSample: Request and response using certificate.publicKeyAlgorithm filter value
API Request
curl -X 'POST'
'<qualys_base_url>/certview/v2.1/certificates'
-H 'accept: application/json'
-H 'Authorization: Bearer <JWT Token>
-H 'Content-Type: application/json'
-d' {
"filter": {
"filters": [
{
"field": "certificate.publicKeyAlgorithm",
"value": "RSA",
"operator": "EQUALS"
}
],
"operation": "AND"
},
"pageNumber": 0,
"pageSize": 10,
"includes": [
"ASSET_INTERFACES"
],
"assetType": "MANAGED"
}
Response
[
{
"id": 2163312,
"certhash": "6dca79243d2c31796050ebcfa6bc251f28f1805dd6528149d55e6ced047a6c47",
"keySize": 2048,
"serialNumber": "01434c80ea24163a54663a1a7c729492",
"validToDate": "2025-09-03T23:59:59.000+00:00",
"validTo": 1756943999000,
"validFromDate": "2024-09-04T00:00:00.000+00:00",
"validFrom": 1725408000000,
"signatureAlgorithm": "SHA256withRSA",
"extendedValidation": false,
"createdDate": "2024-09-17T05:18:00.000+00:00",
"dn": "CN=example.qualys.com, O=\"Qualys, Inc.\", L=Foster City, ST=California, C=US",
"subject": {
"organization": "Qualys, Inc.",
"locality": "Foster City",
"name": "example.qualys.com",
"state": "California",
"country": "US",
"organizationUnit": []
},
"updateDate": "2025-05-05T07:22:56.000+00:00",
"lastFound": 1746429776000,
"imported": false,
"selfSigned": false,
"issuer": {
"organization": "DigiCert Inc",
"organizationUnit": [],
"name": "www.qualys.com",
"country": "US",
"state": "",
"certhash": "cxxxxxxxxxxfdfc95b3ca8cc7867b9a587b5277973957917463fc813d0b625a9",
"locality": ""
},
"rootissuer": {
"organization": "DigiCert Inc",
"organizationUnit": [
"www.digicert.com"
],
"name": "www.qualys.com",
"country": "US",
"state": "",
"certhash": "cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f",
"locality": ""
},
"issuerCategory": "unapproved",
"instanceCount": 1,
"assetCount": 1,
"sources": [
"VM"
],
"assets": [
{
"id": 45197700,
"uuid": "8ae40c50-40d7-446d-a815-1dad55e496c2",
"netbiosName": "",
"name": "example.qualys.com",
"operatingSystem": "Tandberg Device / CentOS",
"hostInstances": [
{
"id": 27823184,
"port": 443,
"fqdn": "",
"protocol": "tcp",
"service": "https",
"grade": "A+"
}
],
"assetInterfaces": [
{
"hostname": "example.qualys.com",
"address": "10.xx.xxx.xx"
}
],
"primaryIp": "10.xx.xxx.xx"
}
],
"type": "Leaf",
"publicKeyAlgorithm": "RSA"
},
{
"id": 2446837,
"certhash": "axxxxxxxxxxcff9eb492232dc42c134c5c2cf55ab3c907ec6697b05ca2199686",
"keySize": 2048,
"serialNumber": "0aecf066456ea2411cbdf932d5aeced0",
"validToDate": "2025-09-03T23:59:59.000+00:00",
"validTo": 1756943999000,
"validFromDate": "2024-09-04T00:00:00.000+00:00",
"validFrom": 1725408000000,
"signatureAlgorithm": "SHA256withRSA",
"extendedValidation": false,
"createdDate": "2024-10-04T11:34:18.000+00:00",
"dn": "CN=www.qualys.com, O=\"Qualys, Inc.\", L=Foster City, ST=California, C=US",
"subject": {
"organization": "Qualys, Inc.",
"locality": "Foster City",
"name": "www.qualys.com",
"state": "California",
"country": "US",
"organizationUnit": []
},
"updateDate": "2025-05-13T11:00:43.000+00:00",
"lastFound": 1747134043000,
"imported": false,
"selfSigned": false,
"issuer": {
"organization": "DigiCert Inc",
"organizationUnit": [],
"name": "www.qualys.com",
"country": "US",
"state": "",
"certhash": "cxxxxxxxxxxfdfc95b3ca8cc7867b9a587b5277973957917463fc813d0b625a9",
"locality": ""
},
"rootissuer": {
"organization": "DigiCert Inc",
"organizationUnit": [
"www.digicert.com"
],
"name": "www.qualys.com",
"country": "US",
"state": "",
"certhash": "cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f",
"locality": ""
},
"issuerCategory": "unapproved",
"instanceCount": 1,
"assetCount": 1,
"sources": [
"VM"
],
"assets": [
{
"id": 44276804,
"uuid": "6ef04d50-2930-47be-a4b1-9b4d3c4a3ac7",
"netbiosName": "",
"name": "www.qualys.com",
"operatingSystem": "Tandberg Device / CentOS",
"hostInstances": [
{
"id": 21361190,
"port": 443,
"fqdn": "",
"protocol": "tcp",
"service": "https",
"grade": "A-"
}
],
"assetInterfaces": [
{
"hostname": "example.intranet.qualys.com",
"address": "10.xx.xxx.xx"
}
],
"primaryIp": "10.xx.xxx.xx"
}
],
"type": "Leaf",
"publicKeyAlgorithm": "RSA"
},
{
"id": 2548277,
"certhash": "4da40702a78418deaa09697a4c80e650a5fe088000644f0439289920a7cb72d2",
"keySize": 2048,
"serialNumber": "0deaf9b469fdce8198cd6c9e1bb87d10",
"validToDate": "2025-12-17T23:59:59.000+00:00",
"validTo": 1766015999000,
"validFromDate": "2024-12-18T00:00:00.000+00:00",
"validFrom": 1734480000000,
"signatureAlgorithm": "SHA256withRSA",
"extendedValidation": false,
"createdDate": "2025-01-02T14:24:43.000+00:00",
"dn": "CN=www.qualys.com, O=\"Qualys, Inc.\", L=Foster City, ST=California, C=US, serialNumber=3152140, businessCategory=Private Organization, StateOrProvince=Delaware, CountryName=US",
"subject": {
"organization": "Qualys, Inc.",
"locality": "Foster City",
"name": "www.qualys.com",
"state": "California",
"country": "US",
"organizationUnit": []
},
"updateDate": "2025-05-13T11:18:01.000+00:00",
"lastFound": 1747135081000,
"imported": false,
"selfSigned": false,
"issuer": {
"organization": "DigiCert Inc",
"organizationUnit": [
"www.digicert.com"
],
"name": "www.qualys.com",
"country": "US",
"state": "",
"certhash": "403e062a2653059113285baf80a0d4ae422c848c9f78fad01fc94bc5b87fef1a",
"locality": ""
},
"rootissuer": {
"organization": "DigiCert Inc",
"organizationUnit": [
"www.digicert.com"
],
"name": "www.qualys.com",
"country": "US",
"state": "",
"certhash": "7431e5f4c3c1ce4690774f0b61e05440883ba9a01ed00ba6abd7806ed3b118cf",
"locality": ""
},
"issuerCategory": "unapproved",
"instanceCount": 1,
"assetCount": 1,
"sources": [
"EASM",
"VM"
],
"assets": [
{
"id": 47092745,
"uuid": "ef0d52e5-7fd6-455f-8ebe-2243311d50b6",
"netbiosName": "",
"name": "www.qualys.com",
"hostInstances": [
{
"id": 21937410,
"port": 443,
"fqdn": "",
"protocol": "tcp",
"service": "https",
"grade": "A-"
}
],
"assetInterfaces": [
{
"hostname": "www.qualys.com",
"address": "64.xx.xxx.xx"
}
],
"primaryIp": "64.xx.xxx.xx"
}
],
"type": "Leaf",
"publicKeyAlgorithm": "RSA"
},
{
"id": 3462197,
"certhash": "85304f89bc84c259fb079092e5d687fe65ac97172a67d7bcdea87c576ef9da27",
"keySize": 2048,
"serialNumber": "60c452c8620beea4477368e64308e2a1",
"validToDate": "2026-12-08T19:06:48.000+00:00",
"validTo": 1796756808000,
"validFromDate": "2024-09-09T19:06:49.000+00:00",
"validFrom": 1725908809000,
"signatureAlgorithm": "SHA256withRSA",
"extendedValidation": false,
"createdDate": "2025-03-11T06:40:49.000+00:00",
"dn": "CN=examplecom, OU=Operations and Infrastructure, O=Visa Inc., C=US, ST=Virginia, L=Ashburn",
"subject": {
"organization": "Visa Inc.",
"locality": "Ashburn",
"name": "example.visa.com",
"state": "Virginia",
"country": "US",
"organizationUnit": [
"Operations and Infrastructure"
]
},
"updateDate": "2025-03-11T06:40:49.000+00:00",
"lastFound": 1741675249000,
"imported": true,
"selfSigned": false,
"issuer": {
"organization": "Visa Inc.",
"organizationUnit": [
"Cybersecurity - Applied Crypto"
],
"name": "Visa Sandbox Issuing CA",
"country": "US",
"state": "",
"certhash": "",
"locality": ""
},
"instanceCount": 0,
"assetCount": 0,
"type": "Leaf",
"publicKeyAlgorithm": "RSA"
},
{
"id": 3465430,
"certhash": "6xxxxxxxxxxx67b8c04488951c72ee455e7962bb4932f47f1d1b1880efdeffcfc",
"keySize": 4096,
"serialNumber": "56e4ac98392c6221d73b84be8483387bd49d9595",
"validToDate": "2026-02-21T04:33:38.000+00:00",
"validTo": 1771648418000,
"validFromDate": "2025-02-21T04:33:39.000+00:00",
"validFrom": 1740112419000,
"signatureAlgorithm": "SHA256withRSA",
"extendedValidation": false,
"createdDate": "2025-03-18T04:56:16.000+00:00",
"dn": "CN=ejbca.example.qualys.com, OU=Operations, O=\"Qualys, Inc,\b.\", L=Foster City, ST=California, C=US",
"subject": {
"organization": "Qualys, Inc,\b.",
"locality": "Foster City",
"name": "ejbca.example.qualys.com",
"state": "California",
"country": "US",
"organizationUnit": [
"Operations"
]
},
"updateDate": "2025-03-18T04:56:16.000+00:00",
"lastFound": 1742273776000,
"imported": true,
"selfSigned": false,
"issuer": {
"organization": "Qualys, Inc.",
"organizationUnit": [
"Operations"
],
"name": "www.qualys.com",
"country": "US",
"state": "",
"certhash": "7exxxxxxxxxxxx32283fdf1cb9bccc200d27e9f35bb754f7e402581bd8366f8b",
"locality": ""
},
"rootissuer": {
"organization": "Qualys, Inc.",
"organizationUnit": [
"Operations"
],
"name": "Qualys Root CA - G1",
"country": "US",
"state": "",
"certhash": "2a1d95f5530c489c25bb90013939d1bfde7eeb3a5067c2ef281f21ea927873db",
"locality": ""
},
"instanceCount": 0,
"assetCount": 0,
"type": "Leaf",
"publicKeyAlgorithm": "RSA"
},
{
"id": 3493465,
"certhash": "axxxxxxxxxx60367a977618421574cecc4092d4ff9bf4e609670afec15bac774",
"keySize": 2048,
"serialNumber": "1614efc551fa14a04a9840c6dc1338fa",
"validToDate": "2025-07-09T18:30:00.000+00:00",
"validTo": 1752085800000,
"validFromDate": "2025-01-07T18:30:00.000+00:00",
"validFrom": 1736274600000,
"signatureAlgorithm": "SHA256withRSA",
"extendedValidation": false,
"createdDate": "2025-03-28T03:35:05.000+00:00",
"dn": "CN=WIN-P8S24QHD09L",
"subject": {
"organization": "",
"locality": "",
"name": "www.qualys.com",
"state": "",
"country": "",
"organizationUnit": []
},
"updateDate": "2025-04-03T03:33:27.000+00:00",
"lastFound": 1743651207000,
"imported": false,
"selfSigned": true,
"issuer": {
"organization": "",
"organizationUnit": [],
"name": "www.qualys.com",
"country": "",
"state": "",
"certhash": "",
"locality": ""
},
"issuerCategory": "Self-Signed",
"instanceCount": 1,
"assetCount": 1,
"sources": [
"VM"
],
"assets": [
{
"id": 50293148,
"uuid": "1dc38361-34df-4646-ad59-1375da766fd8",
"netbiosName": "",
"name": "10.xx.xx.xx",
"operatingSystem": "Microsoft Windows",
"hostInstances": [
{
"id": 27843720,
"port": 3389,
"fqdn": "",
"protocol": "tcp",
"service": "ms-wbt-server",
"grade": "T"
}
],
"assetInterfaces": [
{
"hostname": null,
"address": "10.xx.xxx.xx"
}
],
"primaryIp": "10.xx.xxx.xx"
}
],
"type": "Leaf",
"publicKeyAlgorithm": "RSA"
},
{
"id": 3538844,
"certhash": "8f9db83d6e55237b861631ef9659f29c9194b0276543581452e4d3de5d80e417",
"keySize": 4096,
"serialNumber": "0b3b6bef878d9541f0416ebef82d4791",
"validToDate": "2026-03-25T23:59:59.000+00:00",
"validTo": 1774483199000,
"validFromDate": "2025-03-27T00:00:00.000+00:00",
"validFrom": 1743033600000,
"signatureAlgorithm": "SHA256withRSA",
"extendedValidation": false,
"createdDate": "2025-04-16T09:43:34.000+00:00",
"dn": "CN=abc.qualys.com, O=\"Qualys, Inc\", L=Foster City, ST=California, C=US",
"subject": {
"organization": "Qualys, Inc",
"locality": "Foster City",
"name": "abc.qualys.com",
"state": "California",
"country": "US",
"organizationUnit": []
},
"updateDate": "2025-04-16T09:43:34.000+00:00",
"lastFound": 1744796614000,
"imported": true,
"selfSigned": false,
"issuer": {
"organization": "DigiCert Inc",
"organizationUnit": [],
"name": "www.qualys.com",
"country": "US",
"state": "",
"certhash": "a52d05988b61a33d6ac3edb449eb47150fa5b7a26c7dfc4e61f905ca36e165ee",
"locality": ""
},
"rootissuer": {
"organization": "DigiCert Inc",
"organizationUnit": [
"www.digicert.com"
],
"name": "DigiCert Test Root CA",
"country": "US",
"state": "",
"certhash": "a3ac53581e043271878a12124c36660a443321e5a68418c3bc56dab9b1a4d674",
"locality": ""
},
"instanceCount": 0,
"assetCount": 0,
"type": "Leaf",
"publicKeyAlgorithm": "RSA"
},
{
"id": 3538845,
"certhash": "6xxxxxxxxxxa1a0720733a0304f53e1ea31e5ad90be0f71bf6c7127e01b0d72a",
"keySize": 3072,
"serialNumber": "6233fb68f1cc4df01447ef492fb07a0d4db2c21b",
"validToDate": "2026-03-27T12:01:56.000+00:00",
"validTo": 1774612916000,
"validFromDate": "2025-03-27T12:01:57.000+00:00",
"validFrom": 1743076917000,
"signatureAlgorithm": "SHA256withRSA",
"extendedValidation": false,
"createdDate": "2025-04-16T09:43:34.000+00:00",
"dn": "CN=abc.com, OU=Operations, O=\"Qualys, Inc.\", L=Foster City, ST=California, C=US",
"subject": {
"organization": "Qualys, Inc.",
"locality": "Foster City",
"name": "www.qualys.com",
"state": "California",
"country": "US",
"organizationUnit": [
"Operations"
]
},
"updateDate": "2025-04-16T09:43:34.000+00:00",
"lastFound": 1744796614000,
"imported": true,
"selfSigned": false,
"issuer": {
"organization": "Qualys, Inc.",
"organizationUnit": [
"Operations"
],
"name": "Qualys Test CA - G1",
"country": "US",
"state": "",
"certhash": "",
"locality": ""
},
"instanceCount": 0,
"assetCount": 0,
"type": "Leaf",
"publicKeyAlgorithm": "RSA"
},
{
"id": 3542049,
"certhash": "2xxxxxxxxxx47af6aa8e918d9b857c95854d7c6e5d18995d0db0559cc3471278",
"keySize": 2048,
"serialNumber": "37799f32b02555874b72ff9ed8bcfcc5",
"validToDate": "2025-07-03T08:22:48.000+00:00",
"validTo": 1751530968000,
"validFromDate": "2025-01-01T08:22:48.000+00:00",
"validFrom": 1735719768000,
"signatureAlgorithm": "SHA1withRSA",
"extendedValidation": false,
"createdDate": "2025-04-24T09:29:32.000+00:00",
"dn": "Cwww.qualys.com",
"subject": {
"organization": "",
"locality": "",
"name": "www.qualys.com",
"state": "",
"country": "",
"organizationUnit": []
},
"updateDate": "2025-05-13T11:34:00.000+00:00",
"lastFound": 1747136040000,
"imported": false,
"selfSigned": true,
"issuer": {
"organization": "",
"organizationUnit": [],
"name": "qw28uv4-65-163",
"country": "",
"state": "",
"certhash": "",
"locality": ""
},
"issuerCategory": "Self-Signed",
"instanceCount": 1,
"assetCount": 1,
"sources": [
"VM"
],
"assets": [
{
"id": 33237439,
"uuid": "f67edd6d-f31c-43a3-96b2-e890dcb879c4",
"netbiosName": "QW28UV4-65-163",
"name": "10.xx.xx.xx",
"operatingSystem": "Microsoft Windows Server 2008 Enterprise (6.0 SP2)",
"hostInstances": [
{
"id": 28356154,
"port": 3389,
"fqdn": "",
"protocol": "tcp",
"service": "ms-wbt-server",
"grade": "T"
}
],
"assetInterfaces": [
{
"hostname": "qw28uv4-65-163",
"address": "10.xx.xxx.xx"
}
],
"primaryIp": "10.xx.xxx.xx"
}
],
"type": "Leaf",
" >publicKeyAlgorithm": "RSA "
}
]
v2.2
Use this API to retrieve certificates. You can use various filters to search the required result. You can use multiple filters and parameters. We have updated the limit for fetching the certificates.
You can see only those assets that have been assigned by your manager user. When you send an API request, you can access information about the assets and their corresponding certificates assigned to you, based on scope. For more information on tag-based user scoping refer to Certificate View Online help.
If you need to fetch certificate search results that exceed 10000 certificates, you can use this v2 version of List CertView Certificate API. The response contains certificate details, including associated host information and SSL/TLS related vulnerabilities and grades.
We have introduced many improvements to enhance the visibility, accuracy, and usability of certificate and cipher suite data in the API responses.
Input ParametersInput Parameters
|
Parameter |
Mandatory/Optional |
Data Type |
Description |
|---|---|---|---|
|
filter |
Optional |
String |
Filter the events list by providing a query using Qualys syntax. If you do not provide filter parameter, it shows details of all the certificates. For the list of tokens you can use to build the query refer to Search tokens and supported format. |
|
pageNumber |
Optional |
Integer |
The page to be returned. The default value is zero. |
|
pageSize |
Optional |
Integer |
Provide the number of records per page to be included in the response. Default: 10 Maximum: 200 For example, the total result set is 50 assets. If the page size is specified as 10, then the result is divided in 5 pages with 10 assets each. |
|
includes |
Optional |
String |
Includes the specified parameters in the response For more details regarding the supported API versions and sample field values for the includes parameter, refer to the Include Parameter Reference. |
|
excludeFields |
Optional |
String |
Exclude the specified parameters from the response.
Note: You can exclude multiple fields in the same query by using comma-separated field names. For more details, refer to the the Compatible tokens, date formats and supported operators |
|
Authorization |
Mandatory |
String |
Authorization token to authenticate to the Qualys Cloud Platform. Prepend token with "Bearer" and one space. For example - Bearer authToken |
Notes: While creating your query, ensure the following:
-
Value field can not be empty when the comparison operator is other than IS_EMPTY and IS_NOT_EMPTY
-
There can not be more than 1000 values provided (in csv format) when operator is IN
-
CONTAINS operator does not work with field of type Date, Boolean and IP Address
-
GREATER, LESSER , GREATER_THAN_EQUAL and LESS_THAN_EQUAL do not work with Boolean, string and IP address.
API Request
curl -X 'POST' \
'<qualys_base_url>/certview/v2.2/certificates' \
-H 'accept: application/json' \
-H 'Authorization: Bearer <JWT Token>' \
-H 'Content-Type: application/json' \
-d '{
"filter": {
"filters": [
{
"field": "certificate.isSelfSigned",
"value": "false",
"operator": "EQUALS"
}
],
"operation": "AND"
},
"pageNumber": 0,
"pageSize": 10,
"includes": [
"CERT_REVOCATION_INFO"
],
"assetType": "MANAGED"
}
"assetType": "MANAGED"
}
Response
[
{
"id": 4468683,
"certhash": "axxxxxxxxxxxxxxxed994fdabf1f59a7570615e1ca2d26b6e4657e6b5a01b93c",
"keySize": 256,
"serialNumber": "061d501a758700b72120a2e8c74a51cd667f",
"validToDate": "2026-02-07T15:37:51.000+00:00",
"validTo": 1770478671000,
"validFromDate": "2025-11-09T15:37:52.000+00:00",
"validFrom": 1762702672000,
"signatureAlgorithm": "SHA384withECDSA",
"extendedValidation": false,
"createdDate": "2025-11-10T08:36:15.000+00:00",
"dn": "CN=www.qualys.com",
"subject": {
"organization": "",
"locality": "",
"name": "www.qualys.com",
"state": "",
"country": "",
"organizationUnit": []
},
"updateDate": "2026-01-06T04:49:03.000+00:00",
"lastFound": 1767674943000,
"imported": false,
"selfSigned": false,
"issuer": {
"organization": "Let's Encrypt",
"organizationUnit": [],
"name": "www.qualys.com",
"country": "US",
"state": "",
"certhash": "83624fd338c8d9b023c18a67cb7a9c0519da43d11775b4c6cbdad45c3d997c52",
"locality": ""
},
"rootissuer": {
"organization": "Internet Security Research Group",
"organizationUnit": [],
"name": "www.qualys.com",
"country": "US",
"state": "",
"certhash": "9xxxxxxxxxx976f37460779acf28c5a7cfe8a3c0aae11a8ffcee05c0bddf08c6",
"locality": ""
},
"issuerCategory": "unapproved",
"instanceCount": 1,
"assetCount": 1,
"sources": [
"VM"
],
"type": "Leaf",
"publicKeyAlgorithm": "EC",
"revocationStatus": "Unknown",
"revocationDetails": {
"ocspUris": null,
"crlUris": [
"http://e8.c.lencr.org/128.crl"
]
},
"assets": [
{
"id": 77714122,
"uuid": "b2220f0a-4b01-436d-b183-96228153bbd2",
"netbiosName": "",
"name": "www.qualys.com",
"operatingSystem": "SUSE Linux Enterprise Server 15 SP3",
"primaryIp": "xxx.xxx.xxx.xxx",
"created": "2025-09-25T10:45:13.000+00:00",
"updated": "2026-01-06T04:56:07.000+00:00",
"hostInstances": [
{
"id": 37893768,
"port": 443,
"fqdn": "",
"protocol": "tcp",
"service": "https",
"grade": "A",
"pqcSupport": true
}
]
}
]
}
]
Sample: Response to include details of asset information (created and updated)Sample: Response to include details of asset information (created and updated)
API Request
curl -X 'POST'
'<qualys_base_url>/certview/v2.2/certificates'
-H 'accept: application/json'
-H 'Authorization: Bearer <JWT Token>
-H 'Content-Type: application/json'
-d' {
"filter":{
"filters":[
{
"field":"certificate.id",
"value":"3498985",
"operator":"EQUALS"
},
{
"*""field":"asset.createDate",
"*""value":"2025-06-12",
"operator":"GREATER_THAN_EQUAL"
}
],
"operation":"AND"
},
"pageNumber":0,
"pageSize":10,
"includes":[
"ASSET_INTERFACES"
],
"assetType":"MANAGED"
}
Response
{
"filter":{
"filters":[
{
"field":"certificate.id",
"value":"3498985",
"operator":"EQUALS"
},
{
"*""field":"asset.createDate",
"*""value":"2025-06-12",
"operator":"GREATER_THAN_EQUAL"
}
],
"operation":"AND"
},
"pageNumber":0,
"pageSize":10,
"includes":[
"ASSET_INTERFACES"
],
"assetType":"MANAGED"
}"Response":[
{
"id":3498985,
"certhash":"6dca79243d2c31796050ebcfa6bc251f28f1805dd6528149d55e6ced047a6c47",
"keySize":2048,
"serialNumber":"01434c80ea24163a54663a1a7c729492",
"validToDate":"2025-09-03T23:59:59.000+00:00",
"validTo":1756943999000,
"validFromDate":"2024-09-04T00:00:00.000+00:00",
"validFrom":1725408000000,
"signatureAlgorithm":"SHA256withRSA",
"extendedValidation":false,
"createdDate":"2025-04-01T09:43:29.000+00:00",
"dn":"CN=example.qualys.com, O=\"Qualys, Inc.\", L=Foster City, ST=California, C=US",
"subject":{
"organization":"Qualys, Inc.",
"locality":"Foster City",
"name":"example.qualys.com",
"state":"California",
"country":"US",
"organizationUnit":[
]
},
"updateDate":"2025-06-17T04:52:48.000+00:00",
"lastFound":1750135968000,
"imported":true,
"selfSigned":false,
"issuer":{
"organization":"DigiCert Inc",
"organizationUnit":[
],
"name":"DigiCert Global G2 TLS RSA SHA256 2020 CA1",
"country":"US",
"state":"",
"certhash":"c8025f9fc65fdfc95b3ca8cc7867b9a587b5277973957917463fc813d0b625a9",
"locality":""
},
"rootissuer":{
"organization":"DigiCert Inc",
"organizationUnit":[
"www.digicert.com"
],
"name":"DigiCert Global Root G2",
"country":"US",
"state":"",
"certhash":"cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f",
"locality":""
},
"issuerCategory":"DigiCert Global G2 TLS RSA SHA256 2020 CA1",
"instanceCount":1,
"assetCount":1,
"sources":[
"VM"
],
"type":"Leaf",
"publicKeyAlgorithm":"RSA",
"revocationStatus":"Not Revoked",
"assets":[
{
"id":65139652,
"uuid":"da1f6aaa-f921-423d-82c8-34614debf1ed",
"netbiosName":"",
"name":"example.qualys.com",
"operatingSystem":"Debian Project Debian Bookworm (12)",
"hostInstances":[
{
"id":30880262,
"port":443,
"fqdn":"",
"protocol":"tcp",
"service":"https",
"grade":"A+"
}
],
"assetInterfaces":[
{
"hostname":"example.qualys.com",
"address":"10.xx.xx.xx"
}
],
"primaryIp":"10.xx.xx.xx",
"created":"2025-06-12T07:08:37.000+00:00""*",
"updated":"2025-06-17T05:15:57.000+00:00"
}
]
}
]
Use this API to retrieve PQC-supported certificates. You can use various filters to search the required result. You can use multiple filters and parameters. We have updated the limit for fetching the certificates.
You can see only those assets that have been assigned by your manager user. When you send an API request, you can access information about the assets and their corresponding certificates assigned to you, based on scope. For more information on tag-based user scoping refer to Certificate View Online help.
If you need to fetch certificate search results that exceed 10000 certificates, you can use this v2 version of List CertView Certificate API. The response contains certificate details, including associated host information and SSL/TLS related vulnerabilities and grades.
We have introduced the instance.pqcSupport filter along with the field PQC-supported algorithms that allows filtering certificates based on PQC support status (true or false). The field PQC_SUPPORTED_ALGORITHMS
Input ParameterInput Parameter
|
Parameter |
Mandatory/Optional |
Data Type |
Description |
|---|---|---|---|
|
filter |
Optional |
String |
Filter the events list by providing a query using Qualys syntax. If you do not provide filter parameter, it shows details of all the certificates. For the list of tokens you can use to build the query refer to Search tokens and supported format. |
|
pageNumber |
Optional |
Integer |
The page to be returned. The default value is zero. |
|
pageSize |
Optional |
Integer |
Provide the number of records per page to be included in the response. Default: 10 Maximum: 200 For example, the total result set is 50 assets. If the page size is specified as 10, then the result is divided in 5 pages with 10 assets each. |
|
includes |
Optional |
String |
Includes the specified parameters in the response For more details regarding the supported API versions and sample field values for the includes parameter, refer to the Include Parameter Reference. |
|
excludeFields |
Optional |
String |
Exclude the specified parameters from the response.
Note: You can exclude multiple fields in the same query by using comma-separated field names. For more details, refer to the the Compatible tokens, date formats and supported operators |
|
Authorization |
Mandatory |
String |
Authorization token to authenticate to the Qualys Cloud Platform. Prepend token with "Bearer" and one space. For example - Bearer authToken |
Notes: While creating your query, ensure the following:
-
Value field can not be empty when the comparison operator is other than IS_EMPTY and IS_NOT_EMPTY
-
There can not be more than 1000 values provided (in csv format) when operator is IN
-
CONTAINS operator does not work with field of type Date, Boolean and IP Address
-
GREATER, LESSER , GREATER_THAN_EQUAL and LESS_THAN_EQUAL do not work with Boolean, string and IP address.
Sample: Response to include PQC-supported AlgorithmsSample: Response to include PQC-supported Algorithms
API Request
curl -X 'POST' \
'<qualys_base_url>/certview/v2.3/certificates' \
-H 'accept: application/json' \
-H 'Authorization: Bearer <JWT Token>' \
-H 'Content-Type: application/json' \
-d '{
"filter": {
"filters": [
{
"field": "instance.pqcSupport",
"value": "true",
"operator": "EQUALS"
}
],
"operation": "AND"
},
"pageNumber": 0,
"pageSize": 10,
"includes": [
"PQC_SUPPORTED_ALGORITHMS"
],
"assetType": "MANAGED"
}
Response
[
[
{
"id": 4468683,
"certhash": "axxxxxxxxxxxxxxxed994fdabf1f59a7570615e1ca2d26b6e4657e6b5a01b93c",
"keySize": 256,
"serialNumber": "061d501a758700b72120a2e8c74a51cd667f",
"validToDate": "2026-02-07T15:37:51.000+00:00",
"validTo": 1770478671000,
"validFromDate": "2025-11-09T15:37:52.000+00:00",
"validFrom": 1762702672000,
"signatureAlgorithm": "SHA384withECDSA",
"extendedValidation": false,
"createdDate": "2025-11-10T08:36:15.000+00:00",
"dn": "CN=www.qualys.com",
"subject": {
"organization": "",
"locality": "",
"name": "www.qualys.comg",
"state": "",
"country": "",
"organizationUnit": []
},
"updateDate": "2026-01-06T04:49:03.000+00:00",
"lastFound": 1767674943000,
"imported": false,
"selfSigned": false,
"issuer": {
"organization": "Let's Encrypt",
"organizationUnit": [],
"name": "www.qualys.com",
"country": "US",
"state": "",
"certhash": "83624fd338c8d9b023c18a67cb7a9c0519da43d11775b4c6cbdad45c3d997c52",
"locality": ""
},
"rootissuer": {
"organization": "Internet Security Research Group",
"organizationUnit": [],
"name": "www.qualys.com",
"country": "US",
"state": "",
"certhash": "96bcec06264976f37460779acf28c5a7cfe8a3c0aae11a8ffcee05c0bddf08c6",
"locality": ""
},
"issuerCategory": "unapproved",
"instanceCount": 1,
"assetCount": 1,
"sources": [
"VM"
],
"type": "Leaf",
"publicKeyAlgorithm": "EC",
"revocationStatus": "Unknown",
"assets": [
{
"id": 77714122,
"uuid": "b2220f0a-4b01-436d-b183-96228153bbd2",
"netbiosName": "",
"name": "www.qualys.com",
"operatingSystem": "SUSE Linux Enterprise Server 15 SP3",
"primaryIp": "xxx.xxx.xxx.xxx",
"created": "2025-09-25T10:45:13.000+00:00",
"updated": "2026-01-06T04:56:07.000+00:00",
"hostInstances": [
{
"id": 37893768,
"port": 443,
"fqdn": "",
"protocol": "tcp",
"service": "https",
"grade": "A",
"pqcSupport": true,
"pqcSupportedAlgorithms": [
"MLKEM1024",
"MLKEM512",
"MLKEM768",
"SecP256r1MLKEM768",
"SecP384r1MLKEM1024",
"X25519MLKEM768"
]
}
]
}
]
}
]
Sample: Response to include all supported filtersSample: Response to include all supported filters
API Request
curl -X 'POST' \
'<qualys_base_url>/certview/v2.3/certificates' \
-H 'accept: application/json' \
-H 'Authorization: Bearer <JWT Token>' \
-H 'Content-Type: application/json' \
-d '{
"filter": {
"filters": [
{
"field": "certificate.type",
"value": "Leaf",
"operator": "EQUALS"
}
],
"operation": "AND"
},
"pageNumber": 0,
"pageSize": 10,
"includes": [
"ASSET_INTERFACES","VULNERABILITIES","SSL_PROTOCOLS", "CIPHER_SUITES", "ASSET_TAGS", "EXTENSIVE_CERTIFICATE_INFO", "CERT_REVOCATION_INFO", "PQC_SUPPORTED_ALGORITHMS"
],
"assetType": "MANAGED"
}
Response
[
{
"id": 4468683,
"certhash": "a2c751f5539b7b72ed994fdabf1f59a7570615e1ca2d26b6e4657e6b5a01b93c",
"keySize": 256,
"serialNumber": "061d501a758700b72120a2e8c74a51cd667f",
"validToDate": "2026-02-07T15:37:51.000+00:00",
"validTo": 1770478671000,
"validFromDate": "2025-11-09T15:37:52.000+00:00",
"validFrom": 1762702672000,
"signatureAlgorithm": "SHA384withECDSA",
"extendedValidation": false,
"createdDate": "2025-11-10T08:36:15.000+00:00",
"dn": "CN=test.openquantumsafe.org",
"subject": {
"organization": "",
"locality": "",
"name": "www.qualys.com",
"state": "",
"country": "",
"organizationUnit": []
},
"updateDate": "2026-01-06T04:49:03.000+00:00",
"lastFound": 1767674943000,
"imported": false,
"selfSigned": false,
"issuer": {
"organization": "Let's Encrypt",
"organizationUnit": [],
"name": "www.qualys.com",
"country": "US",
"state": "",
"certhash": "83624fd338c8d9b023c18a67cb7a9c0519da43d11775b4c6cbdad45c3d997c52",
"locality": ""
},
"rootissuer": {
"organization": "Internet Security Research Group",
"organizationUnit": [],
"name": "www.qualys.com",
"country": "US",
"state": "",
"certhash": "96bcec06264976f37460779acf28c5a7cfe8a3c0aae11a8ffcee05c0bddf08c6",
"locality": ""
},
"issuerCategory": "unapproved",
"instanceCount": 1,
"assetCount": 1,
"sources": [
"VM"
],
"type": "Leaf",
"keyUsage": [
"Digital signature"
],
"enhancedKeyUsage": [
"1.3.6.1.5.5.7.3.1",
"1.3.6.1.5.5.7.3.2"
],
"subjectKeyIdentifier": "b6c75b1939d7afcc24cd9817a48850dd267971f4",
"authKeyIdentifier": "8f0d13a2f62e7ed1506c3318385d598e237291ca",
"subjectAlternativeNames": {
"DNS Name": [
"www.qualys.com"
],
"IP Address": null
},
"publicKeyAlgorithm": "EC",
"revocationStatus": "Unknown",
"revocationDetails": {
"ocspUris": null,
"crlUris": [
"http://e8.c.lencr.org/128.crl"
]
},
"assets": [
{
"id": 77714122,
"uuid": "b2220f0a-4b01-436d-b183-96228153bbd2",
"netbiosName": "",
"name": "www.qualys.com",
"operatingSystem": "SUSE Linux Enterprise Server 15 SP3",
"assetInterfaces": [
{
"hostname": "c5.f5.b19e.ip4.static.sl-reverse.com",
"address": "xxx.xxx.xxx.xxx"
}
],
"tags": [
{
"name": "www.qualys.com",
"uuid": "ddc5ee2b-44e5-45e8-9c80-19992abd4d41"
}
],
"primaryIp": "xxx.xxx.xxx.xxx",
"created": "2025-09-25T10:45:13.000+00:00",
"updated": "2026-01-06T04:56:07.000+00:00",
"hostInstances": [
{
"id": 37893768,
"port": 443,
"fqdn": "",
"protocol": "tcp",
"service": "https",
"grade": "A",
"sslProtocols": [
"TLSv1.2",
"TLSv1.3"
],
"vulnerabilities": [
{
"title": "SSL Server Information Retrieval",
"severity": 1,
"qid": 38116
},
{
"title": "Secure Sockets Layer/Transport Layer Security (SSL/TLS) Invalid Protocol Version Tolerance",
"severity": 1,
"qid": 38597
},
{
"title": "SSL Certificate will expire within next six months",
"severity": 1,
"qid": 38600
},
{
"title": "Secure Sockets Layer/Transport Layer Security (SSL/TLS) Key Exchange Methods",
"severity": 1,
"qid": 38704
},
{
"title": "Secure Sockets Layer/Transport Layer Security (SSL/TLS) Protocol Properties",
"severity": 1,
"qid": 38706
},
{
"title": "Secure Sockets Layer (SSL) Certificate Transparency Information",
"severity": 1,
"qid": 38718
},
{
"title": "Reports if server supports Post Quantum Cryptographic(PQC) Key Exchange Algorithm",
"severity": 1,
"qid": 38994
},
{
"title": "Reports Signature Algorithm used in Post Quantum Cryptographic(PQC) detection using QID 38994",
"severity": 1,
"qid": 38995
},
{
"title": "TLS Secure Renegotiation Extension Support Information",
"severity": 1,
"qid": 42350
},
{
"title": "SSL Certificate - Information",
"severity": 1,
"qid": 86002
},
{
"title": "HTTP Strict Transport Security (HSTS) Support Detected",
"severity": 1,
"qid": 86137
}
],
"vulnCount": 11,
"pqcSupport": true,
"cipherSuites": [
{
"name": "TLS13-AES-256-GCM-SHA384",
"category": "GOOD"
},
{
"name": "TLS13-AES-128-GCM-SHA256",
"category": "GOOD"
},
{
"name": "TLS13-CHACHA20-POLY1305-SHA256",
"category": "GOOD"
},
{
"name": "ECDHE-ECDSA-AES128-GCM-SHA256",
"category": "GOOD"
},
{
"name": "ECDHE-ECDSA-AES256-GCM-SHA384",
"category": "GOOD"
},
{
"name": "ECDHE-ECDSA-CHACHA20-POLY1305",
"category": "GOOD"
},
{
"name": "ECDHE-ECDSA-AES128-CCM",
"category": "GOOD"
},
{
"name": "ECDHE-ECDSA-AES128-SHA",
"category": "INSECURE"
},
{
"name": "ECDHE-ECDSA-ARIA128-GCM-SHA256",
"category": "GOOD"
},
{
"name": "ECDHE-ECDSA-CAMELLIA256-SHA384",
"category": "INSECURE"
},
{
"name": "ECDHE-ECDSA-CAMELLIA128-SHA256",
"category": "INSECURE"
},
{
"name": "ECDHE-ECDSA-AES256-CCM",
"category": "GOOD"
},
{
"name": "ECDHE-ECDSA-AES256-SHA384",
"category": "INSECURE"
},
{
"name": "ECDHE-ECDSA-AES128-SHA256",
"category": "INSECURE"
},
{
"name": "ECDHE-ECDSA-ARIA256-GCM-SHA384",
"category": "GOOD"
},
{
"name": "ECDHE-ECDSA-AES256-SHA",
"category": "INSECURE"
}
],
"pqcSupportedAlgorithms": [
"MLKEM1024",
"MLKEM512",
"MLKEM768",
"SecP256r1MLKEM768",
"SecP384r1MLKEM1024",
"X25519MLKEM768"
]
}
]
}
]
}
]
Sample: Response without any Include parameterSample: Response without any Include parameter
API Request
curl -X 'POST' \
'<qualys_base_url>/certview/v2.3/certificates' \
-H 'accept: application/json' \
-H 'Authorization: Bearer <JWT Token>' \
-H 'Content-Type: application/json' \
-d '{
"filter": {
"filters": [
{
"field": "certificate.serialNumber",
"value": "061d501a758700b72120a2e8c74a51cd667f",
"operator": "EQUALS"
}
],
"operation": "AND"
},
"pageNumber": 0,
"pageSize": 10,
"assetType": "MANAGED"
}
Response
[
{
"id": 4468683,
"certhash": "axxxxxxxxxxxxxxxed994fdabf1f59a7570615e1ca2d26b6e4657e6b5a01b93c",
"keySize": 256,
"serialNumber": "061d501a758700b72120a2e8c74a51cd667f",
"validToDate": "2026-02-07T15:37:51.000+00:00",
"validTo": 1770478671000,
"validFromDate": "2025-11-09T15:37:52.000+00:00",
"validFrom": 1762702672000,
"signatureAlgorithm": "SHA384withECDSA",
"extendedValidation": false,
"createdDate": "2025-11-10T08:36:15.000+00:00",
"dn": "CN=www.qualys.com",
"subject": {
"organization": "",
"locality": "",
"name": "www.qualys.com",
"state": "",
"country": "",
"organizationUnit": []
},
"updateDate": "2026-01-06T04:49:03.000+00:00",
"lastFound": 1767674943000,
"imported": false,
"selfSigned": false,
"issuer": {
"organization": "Let's Encrypt",
"organizationUnit": [],
"name": "www.qualys.com",
"country": "US",
"state": "",
"certhash": "8xxxxxxxxxxxxxxx23c18a67cb7a9c0519da43d11775b4c6cbdad45c3d997c52",
"locality": ""
},
"rootissuer": {
"organization": "Internet Security Research Group",
"organizationUnit": [],
"name": "www.qualys.com",
"country": "US",
"state": "",
"certhash": "9xxxxxxxxxxxxxxx7460779acf28c5a7cfe8a3c0aae11a8ffcee05c0bddf08c6",
"locality": ""
},
"issuerCategory": "unapproved",
"instanceCount": 1,
"assetCount": 1,
"sources": [
"VM"
],
"type": "Leaf",
"publicKeyAlgorithm": "EC",
"revocationStatus": "Unknown",
"assets": [
{
"id": 77714122,
"uuid": "b2220f0a-4b01-436d-b183-96228153bbd2",
"netbiosName": "",
"name": "www.qualys.comm",
"operatingSystem": "SUSE Linux Enterprise Server 15 SP3",
"primaryIp": "xxx.xxx.xxx.xxx",
"created": "2025-09-25T10:45:13.000+00:00",
"updated": "2026-01-06T04:56:07.000+00:00",
"hostInstances": [
{
"id": 37893768,
"port": 443,
"fqdn": "",
"protocol": "tcp",
"service": "https",
"grade": "A",
"pqcSupport": true
}
]
}
]
}
]
API Version History
The following table depicts the information about the different versions of this API, along with the status:
| API version | Status | EOS | EOL |
|---|---|---|---|
| /certview/v2.3/certificates | Active | ||
| /certview/v2.2/certificates | Active | ||
| /certview/v2.1/certificates | To be deprecated | January 2026 | July 2026 |
| /certview/v2/certificates | To be deprecated | January 2026 | July 2026 |