Checking for Hard-Coded TLS Certificate References – KB2481958

Jason116 · 3 weeks ago

Hi everyone,

As per KB2481958 regarding the upcoming TLS certificate changes, I’m looking to confirm whether any existing scripts or configurations within our instance might contain hard-coded references to the affected certificates.

Has anyone found an effective way—perhaps via a background script or another method—to identify any such hard-coded certificate references across internal scripts?

Any examples or best practices for scanning or validating this would be greatly appreciated.

Thanks in advance for your help!

Kieran Anson · 3 weeks ago

Hi,

The checking will largely need to be done within your internal network

Ensure your network team trust the DigiCert CA, to allow access to the ServiceNow platform from within your corporate network
Ensure any MID servers deployed are within a network segment that allows for both access to the ServiceNow platform, and the digiCert certificate revocation endpoint
Ensure your network setup doesn't involve caching or storing certificates