Helping Build, Manage, and Maintain Secure SSL/TLS Connections
Using the Certificate Inspector to build, manage, and maintain a secure network requires a DigiCert account. After you receive your account from us, you need to download and install the DigiCert Certificate Agent on the computer from which you want to scan the other servers.
The agent allows the Certificate Inspector to analyze your SSL Certificates. In addition, because the computer on which you install the agent is part of your internal network, not only can you scan public facing sites, but also internal sites.
Next, as part of the authentication process, you must use your website credentials to register the Certificate Agents. Finally, you select which servers you want to scan.
After the Certificate Inspector scans and analyzes the SSL Certificates, Endpoints, and certificate implementations, you can view the results and decide on the necessary actions that you should take to strengthen the security of your network.
Collecting Certificate Information
The Certificate Inspector shows the grade that the certificate received the last time it was scanned.
The Certificate Inspector provides information about the root certificate, any intermediate certificates (certificates signed by certificates that were signed by the trusted root certificate), and your certificate.
The Certificate Inspector looks at each certificate’s expiration date. Expired SSL Certificates may cause Web browsers to display warnings when end-users/clients visit your site; warnings can trigger end-user mistrust.
Last Scan Date
The Certificate Inspector shows the date that the certificate was last scanned.
Other Data Collected:
Certificate Signature Algorithm
Subject Alternative Names (SANs)
X.509 Extensions Examined:
AIA Issuer Path URL
AIA OCSP URL
CRL Distribution Point
Extended Key Usage
The DigiCert Certificate Inspector scans your SSL environment to find weak points in your SSL installations and configurations. We created a proprietary algorithm that allows the Certificate Inspector to analyze the collected data and assign each of your SSL Certificates and Endpoints a letter grade, A – F. Note that certain vulnerabilities affect the letter grade you receive, while in other cases, you simply receive a warning alerting you to the potential weaknesses.
Your security is awesome; keep up the good work.
Your security is good, but it is not future-proof or may have compatibility issues.
Your security has issues that need your attention; start making plans to fix these issues today. You are vulnerable to nation-state-type attackers.
Your security is weak and is susceptible to known vulnerabilities; start fixing these problems today. You are vulnerable to experienced hackers.
Your security is unacceptable; start fixing problems immediately. You are vulnerable to even novice attackers.
DigiCert Certificate Agent Management
DigiCert Certificate Agent Management enables you to run scans and install SSL Certificates in moments with a Command Line Interface or the intuitive GUI.
Additional DigiCert Certificate Agent Management functionality allows you to:
Disable unused agents
Download new agents
Identify individual agents via unique certificates
View all agents currently used in system