#
Certificates
SSL/TLS Certificates are a valuable source of information that are found on almost every web server on the internet. They can include information about your organization's network administrators, commonly used domain names (subject alternative names), and important dates for infrastructure updates. Certificates are commonly shared across many pieces of an attack surface, and you can select each individual certificate (which is uniquely identified by its fingerprint) to view all locations that certificate has been discovered.
Certificates are commonly found by completing a handshake with any servers identified to be using SSL/TLS and parsing the certificate that is received during that handshake.
#
Accessing the Certificates page
To access the Certificates page, select or hover over EASM in the side navigation and then select Certificates.
#
Filtering the Certificates page and viewing details
Select the Filter icon
to narrow the Certificates table results.See the Search, Sort, and Filter tables section for customizing the table display and the Save applied filter as a preset to save your user-defined filters for reuse.
Select anywhere in a Certificates table row to display the Certificate details page in the right side slide out drawer in a condensed display.
The Certificate Details page includes the certificate's common name, the discovery chain, protocols/ports/ciphers, and details such as the issuer, etc.
Note
Select the full-page icon
to the far right on any row to
display a full-page view of the Certificate details. You can also select the full-page icon from the details
side page view.
#
Create Policy
See the Policies section for details on creating alerts for this asset type.