View Certificates

Qualys Certificate View application provides a comprehensive view of all the SSL/TLS certificates across your enterprise and cloud-hosted managed assets. ETM integrates with the Qualys Certificate View application, allowing you to view certificates from the Qualys Certificate View application. Moreover, ETM also enables you to view certificates for unmanaged assets.

A new tab, Certificates, is added under the Inventory tab. From this tab, you can see certificates for managed and unmanaged assets discovered from Cloud Agent, IP, and EASM inventory sources. 

1. You can see a detailed summary of certificates, such as the organization, the issuer's name, algorithm, sources, and so on.
2. You can see the tiles that show the count of Expired, Expiring, Low Grade, and Qualys Renewable certificates. 
3. You can search certificates using a Qualys Query Language (QQL).
4. You can use the search criteria in the left pane to find a summary of the required certificate details. The supported search criteria are Expiring Certificates, Algorithm, Unique Key Size, and Certificate Authority.
   1. Examples:
      1. You can find certificates that will expire in 90 days, 60 days, 30 days, or expired certificates.
      2. You can find certificates based on the specified algorithm, such as MD5withRSA or SHA256withRSA.
5. You can use quick operations such as downloading the certificate data, refreshing the certificates, toggle the graph to show or hide the tiles that show expired, expiring, low grade, and Qualys renewable certificates. 

View Certificate Details

• You can view the individual certificate details to learn the detailed certificate information.
• You can find Certificate instance details, such as certificate name, protocol, and service, from the Certificates tab on the Asset Details page.

Click View Details from the Quick Actions menu of the certificate to view the following certificate details:

• Information tab: You can see whether the certificate is valid or expired, The certificate issued by, issued to, Fingerprints details, and Certificate Details - Serial Number, Certificate Type, Key, Signature Algorithm, First Found, and Last Found dates.
• You can also see other details, such as Subject Alternative Names, Key usage, and Validity.
• Hosts tab: You can see the host and instance breakdown details from this tab. You can see the name of the asset associated with the certificate, sources, port, protocol, service, last found, and certificate grade details.  
• Certificate Path tab: You can see the certificate path detected on assets.  
• Raw tab: You can see the raw certificate with its format, such as PEM. You can Download and Copy the raw certificate.  
• Activity Log tab: You can see activity logs, such as when the certificate was issued, when it was approved, and so on.