Join the #BuildWithBuildAgent Challenge! Get recognized, earn exclusive swag, and inspire the ServiceNow Community with what you can build using Build Agent.  Join the Challenge.

How to discover PKI certificates

Go to solution
Nisha30
Kilo Sage

3 weeks ago

Hello ITOM World,

 

There are couple of threads and document - Certificate management.

 

Unable to conclude are we able to discover certificates as out of box using Discovery ?? is there an OOB pattern / prove available? 

OR

there has to be custom pattern to be created for this?

 

Thanks

0 Helpfuls
  • 553 Views
1 ACCEPTED SOLUTION

Go to solution
Nisha30
Kilo Sage
In response to Renat Akhmedov

3 weeks ago - last edited 3 weeks ago

Thanks @Renat Akhmedov 

yes we do have CIM installed and ITOM.

So what I wanted to know is do we need to set up credentials something like what we do for infra device discovery .

We have our win, lin and other credentials set up as ITOm discovery. 

 

Specific to Certificates what steps to be followed or the ITOM credentials for WIN,LIN etc will work and we do not need any configure/setup separately.

Thanks

View solution in original post

0 Helpfuls
8 REPLIES 8

Go to solution
Renat Akhmedov
Kilo Sage
In response to Nisha30

2 weeks ago

Hi @Nisha30,

This type of integration should be done via API, not through Discovery or a MID Server. The connection is established using an API key or token defined in the Certificate Authority Account record.

I hope it helps you, and if not, please don't hesitate to ask. 

Best regards,
Renat Akhmedov

0 Helpfuls

Go to solution
Swapna Abburi
Mega Sage
Mega Sage

3 weeks ago

Hi @Nisha30 

You need to activate "tls_ssl_certs" port probe. After activation, your horizontal discovery should take care of discovering SSL/TLS certificates. Default ports are already added to the probe OOTB. if you need to add any specific ports you can add them as well. Screenshots for reference.

SwapnaAbburi_0-1762361285717.png

 

SwapnaAbburi_1-1762361412585.png

 

Go to solution
Nisha30
Kilo Sage
In response to Swapna Abburi

2 weeks ago

Hi @Swapna Abburi  yes i see in my system this is active. 

So where are the certificate discovered stored ? is it  the table -

cmdb_ci_certificate

OR

sn_disco_certmgmt_cmdb_installed_certificate

 

I can see data in both tables . Which one is relevant to TLS/SSL inventory?

Thanks

0 Helpfuls

Go to solution
Swapna Abburi
Mega Sage
Mega Sage
In response to Nisha30

2 weeks ago

@Nisha30 

cmdb_ci_certificate - this table is the core table for certificates information.

sn_disco_certmgmt_cmdb_installed_certificate - this table shows the device information where the certificate has been installed. For example: Server and certificate relationship details.

 

Hope it answers your query.