Discover multiple certificates from a single port.
01-28-2025 04:46 AM
Hi All,
We are in the process of implementing certificate management. The following are the limitations.
1. Port scan discovery can discover only one certificate per port/device.
2. It cannot discover non-encrypted certificates.
Please share your suggestions to overcome these limitations.
Thanks,
Santhosh
Labels: Discovery
01-28-2025 08:39 PM
Hi @Santhosh51
Yes, agree
"tls_ssl_certs" probe limitation: This standard ServiceNow port probe only scans ports commonly associated with encrypted traffic, like HTTPS (port 443), so it won't detect certificates on ports like HTTP (port 80) which might be unencrypted.
https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB0858333
Mark it helpful and Accept Solution!! If this helps you to understand.
01-28-2025 10:00 PM
For multiple certificates per port/device:
- Use custom discovery patterns to extract multiple certificates.
- Implement PowerShell/shell scripts to scan and retrieve all certificates.

For non-encrypted certificates discovery:
- Use Agent-based discovery or manually import certificates.
- Leverage certificate inventory API to fetch and manage certificates.
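
An added example, not part of the original posts and not ServiceNow code: a script of the kind suggested above, written in Python, that collects every distinct certificate one TLS port presents. It assumes the extra certificates are selected by SNI host name, so it connects once per name (plus once with no SNI) and groups the results by SHA-256 fingerprint; the host names and the `fetch` parameter are hypothetical.

```python
import hashlib
import socket
import ssl
from collections import defaultdict

NO_SNI = "<no SNI>"  # label for the server's default certificate


def fetch_leaf_der(host, port, sni, timeout=5.0):
    """Return the DER leaf certificate the server presents for one SNI name."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    # Inventory only: expired or self-signed certificates must still be
    # recorded, so chain and host name checks are off. Never reuse this
    # context for real traffic.
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=sni) as tls:
            return tls.getpeercert(binary_form=True)


def discover_certs(host, port, sni_names, fetch=fetch_leaf_der):
    """Return ({fingerprint: [names served that cert]}, {name: error})."""
    found = defaultdict(set)
    errors = {}
    for sni in [None, *sni_names]:  # None = handshake without SNI
        label = sni or NO_SNI
        try:
            der = fetch(host, port, sni)
        except OSError as exc:  # ssl.SSLError is a subclass of OSError
            errors[label] = str(exc)
            continue
        if der:
            found[hashlib.sha256(der).hexdigest()].add(label)
    return {fp: sorted(names) for fp, names in found.items()}, errors


if __name__ == "__main__":
    # Constructed stand-in for a live endpoint so the demo runs offline.
    sample = {None: b"DER-A", "app.example.test": b"DER-A",
              "api.example.test": b"DER-B"}
    certs, errs = discover_certs("192.0.2.10", 443, list(sample)[1:],
                                 fetch=lambda h, p, s: sample[s])
    for fp, names in certs.items():
        print(fp[:16], names)
```

Against a real device, call `discover_certs(host, 443, names)` with the host names taken from DNS or the CMDB; each fingerprint in the result is one certificate to record for that port.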