Skip to main content

Discovery user guide

Discovery uses sensors to scan your network and find all your internal and public-facing SSL/TLS certificates regardless of the issuing Certificate Authority (CA). These sensors are small software applications that you install in strategic locations.

Each scan is linked to one sensor. Scans are configured to examine specific fully qualified domain names (FQDNs), IP addresses, and port combinations for the presence of TLS/SSL certificates. Configure scans to run immediately, once – at a specified time, or multiple times – on a set schedule.

These scans provide detailed information about certificates in your network:

  • Common name

  • Expiration date

  • Certificate status

  • Issuing certificate authority

  • Ports and IP addresses of the certificate host

  • Certificate security rating

  • Server security issues

  • TLS/SSL vulnerabilities

Scans can be used to identify the operating system of your server host, the open IP addresses and ports, and the server host of the IP addresses.

Discovery Dashboard in CertCentral