Start monitoring assets on your hosts by adding external (public) and internal sites to Certificate View.
You can add external sites if you have a Certificate View Free subscription. To add and monitor internal sites, upgrade to a Certificate View Full subscription.
You can add external sites in two ways: individually or in bulk.
Note: You can also add external sites from your VM/VMDR account refer to Adding Assets from VM/VMDR Account. For more information refer to VM/VMDR online help Manage IPs Across Apps section.
Go to Assets > External Sites and click Add Sites.
Provide either FQDNs or IP addresses of public sites you want to scan for certificates. The scan is initiated for a list of standard ports to collect certificate information on the sites provided by you.
Select the Add to Weekly Scan option to include or exclude the site from the weekly scheduled scan.
Click Save to scan the sites at a later time, or click Save and Start Scan to scan the site immediately.
Once the site is added, it is listed in the External Sites tab. Here you can view details about the sites like when it was last scanned, the status of the scan (Finished, Canceled, Waiting, Queued, Running, or Error). The external sites on the External Sites tab display based on the last scan date. You can also sort the information as per the last scan date.
Navigate to the Quick Actions menu for any site to perform actions on your scan, such as Launch Scan, Delete, Cancel Scan
You can add external sites with the Upload Bulk Sites functionality. Bulk uploading of external sites is possible with the use of a CSV file.
Note: You can add up to 1000 external site in one CSV file. External sites cannot be added using IPv6 addresses and FQDNs.
Follow these steps to add external sites.
1. Go to Assets > External Sites and click Upload Bulk Sites.
2. Browse your CSV file from your local machine and click Next.
You can download the sample CSV template and use it to add up to 1000 of your preferred sites.
3. Review your uploaded data, click Save or Save and Launch Scan.
Manager users can add these sites to weekly scans as per the requirement.
Your added sites are displayed in External Sites tab.
You can monitor FQDNs and IP addresses of internal sites if you have the Certificate View Full subscription. You can also view the certificate information gathered from your target IPs during the VM scans in Certificate View.
Following is the list of private IP addresses you can use while adding internal sites.
172.16.0.0...172.31.255.255
192.168.0.0...192.168.255.255
10.0.0.0...10.255.255.255
240.0.0.0...255.255.255.255
Add the IPs you want to monitor for certificates and TLS configurations to CertView in your VM/VMDR app.
- Go to VM/VMDR > Assets > Address Management.
- From the New menu, select IP Tracked Addresses.
- Add IPs to subscription window is displayed.
- Go to the Subscription IPs tab, enter IP or IP address range, From Add To section, select CertView.
Add the IPs you want to monitor for certificates and TLS configurations to CertView in your VM/VMDR app.
Go to VM/VMDR > Assets > Host Assets. From the New menu, select Add IP in CertView. Review the number of hosts you can add, enter the new IPs/ranges, and click Add. You can see the IPs currently added to CertView by selecting Filters > CertView Hosts.
Note: CertView only shows information for IPs added to CertView, regardless of whether the data was collected via VM scans or CertView scans.
Confirm that the SSL Certificates Search List is included in the Option Profile you use for your VM scans.
The QIDs listed in the SSL Certificates Search List is included along with the Vulnerability Detection QIDs for your VM scans.
You can check out the tutorial about Adding Sites to Scan from our video library.
To know more about scans from VM/VMDR refer to Start CertView Scans.