Certificate Inventory Tool
Locate all SSL Certificates, monitor upcoming expirations, & keep up
with baseline requirements
The Need for Better SSL Tracking
Do you know where you have SSL certificates installed? How about when each certificate is going to expire and which CA you ordered from? Given the large number of certificates the average organization uses, this type of information can be difficult and tedious to compile.
Our new Certificate Inventory Tool finds all SSL certificates on your networks, both internal and public-facing, regardless of the issuing CA. The resulting inventory is available in an easy-to-use portal, allowing you to run reports on usage, upcoming renewals, configurations, and CA issuance.
Benefits of the Certificate Inventory Tool
Find and monitor all internal and public-facing SSL certificates from one location, regardless of issuing CA, including self-signed
Avoid unexpected expiration with email reminders to renew regardless of CA
Keep up with baseline requirements and best practices with the ability to run reports on key length, hashing algorithm, and other configuration options
Locate any certificates that may have been purchased ad hoc by other individuals or departments
Easily track the source/issuing CA for all of your certificates
Save valuable time and resources over manual monitoring
Discovery Scans and Reporting
Run discovery scans to locate SSL Certificates across your networks. Scans can be run as frequently as needed or scheduled. Scans can be run from a range of targets including domain names, host names, ip address range, or a set of ports.
Once a scan is run, you can choose which certificates to add to your inventory. Once certificates are in your inventory, there are a number of different reports that can be run to help you manage your certificates. Reports can be run ad-hoc or scheduled, scheduled reports can be emailed to users as a PDF or XLS file.
Report types include:
High level report defining any
pending or non-compliance
certificates in the inventory
List of certificates that violate
any custom defined policy
(issue date, key size,
validity period, etc)
Subject Alternative Names (SANs)
List of all certificates with their
Overview of any certificates
that are outside of the CA/
Browser Forum baseline
Server and IP Inventory
List of all IPs and associated
FQDNs where certificates have