How to configure scan targets

SSL

To scan certificates from the server, the account administrator must provide one of the following:

• FQDN (Fully Qualified Domain Name)

• IP Address or IP Address Range

• TCP Port

• To add multiple scan targets, the administrator can click the "(+)" button, as shown below.

The account administrator can set up a Scan schedule as per their preference

Hardware Security Modules (HSM)

To scan certificates via an HSM (Hardware Security Module):

• Upload or paste the HSM configuration.

• Enter the HSM password.

• Select the Certificates and Keys checkboxes as needed.

• Click Start Action to initiate the scan.

To add multiple scan targets, administrators can click the "(+)" button.

The account administrator can set up a Scan schedule as per their preference

LDAP (Lightweight Directory Access Protocol)

To scan certificates via LDAP (Lightweight Directory Access Protocol):

• Provide the LDAP URL and Container Name.

• Enter the Admin DN (Distinguished Name) and Password.

• Click Start Action to begin the scan.

• To add multiple scan targets, administrators can click the "(+)" button, as shown below.

The account administrator can set up a Scan schedule as per their preference

Certificate Store

When scanning certificates via the Certificate Store, the IP address of the system is automatically fetched, and all certificates installed on the system are scanned.

The account administrator can set up a Scan schedule as per their preference

AWS

To scan certificates via AWS Cloud Providers:

• Provide the AWS User ID, Access Key, and Secret Key.

• Select the desired Regions from the dropdown.

• Click Start Action to initiate the scan.

• To add multiple scan targets, administrators can click the "(+)" button, as shown below.

The account administrator can set up a Scan schedule as per their preference

File System

When scanning certificates via the File System, the system’s IP address is automatically fetched, and all available certificates are scanned.

Note: Only certificates that are downloaded or extracted on the system will be detected during the scan.

The account administrator can set up a Scan schedule as per their preference.