Add Certificate Authorities to categorize better and identify whether the certificates come from approved or unapproved CAs.
Go to Configuration > Approved CAs > New CA.
Note: We do not support the Binary format. The supported file format for a certificate is Base64 encoded ASCII. We recommend you to convert the file to Base64 encoded ASCII format before uploading.
Add a .pem file.
Once a CA is added, all existing and new certificates will be categorized in the subsequent scan.
Qualys uses the DigiCert API key to communicate with DigiCert to enroll or renew certificates. You can choose to add an API key to an existing approved DigiCert CA.
1) Get your API Key from DigiCert. You can get more information here.
2) Navigate to Configuration > Approved CAs and choose the CA to which you want to add the API key.
3) From the Quick Actions menu, click View Certificate, and in the Information tab of Certificate Details, click the pencil icon next to the API Key field.
4) In the API Key field, copy the key you get from DigiCert. You can also test if the key is valid before saving the key for this CA.
You can check out the tutorial about Approved CA from our video library.