Scanning Uploaded Certificates

You can upload individual certificates or you can zip a group of certificates and then add them. For Windows-related servers and CA communication, an agent should be installed and configured in AppViewX.

To scan the uploaded certificate,

  1. From the CERT+ menu, under CERTIFICATE DISCOVERY, select Discovery > Upload.
    The Discovery : Upload : Add Discovery page is displayed.
  2. In the Discover Details section, select/enter the following details:
    Table 1. Field descriptions for the Discover Details section
    Field Description
    Discovery Instance Name Enter the name of the discovery instance.
    Description

    Enter the required details in this field.

    Note: You can enter a maximum of 2000 characters in this field.
  3. In the Discover By section, enter/select the following details:
    Table 2. Field descriptions for the Discover By section
    Field Description
    *Discovery From From the dropdown list, select the source of the discovery.
    *Choose File You can upload a certificate file in one of the following formats: .zip, .tar, tar.gz, .crt, .cer, .der, .p7b, .p7c, .pem, .pfs, .jks, .p12.
    To upload a certificate file:
    1. Click Upload and navigate to the location of the required certificate file.
    2. Select the file and click Open.
    *File Password If the certificate file uploaded in Choose File is password-protected, in this field, enter the password for accessing the file.
    Comments Enter any additional remarksor details related to the process.
  4. In the Discovery Rules section, from the Associate Rule dropdown list, select a rule that will be used to filter the discovered certificates.
    A setof filters is combined to create a rule, from the Rules menu. The selection of rules will apply respective filters on discovered certificates.
  5. In the After Discover section, enter/select the following details:
    Table 3. Field descriptions for the After Discover section
    Field Description
    *Move Certificate to Inventory with Status Select from one of the following options:
    • Do not move: The newly discovered certificates and their objects will not be moved to the inventory.
    • Managed: The newly discovered certificates and their objects will be moved to the inventory with the status set to Managed.
    • Monitored: The newly discovered certificates and their objects will be moved to the inventory with the status set to Monitored.
    Use Access Control Rule To apply the rule configured using Access Control, select this checkbox.
    Note: If this checkbox is enabled, the certificate group will be associated automatically by the rule in access control.
    *Certificate Group From rthe dropdown list, select a certificate group to which the discovered certificates will be associated.

    Based on the group association, a policy will also be applied to these certificates, which will help ascertain compliance or non-compliance.

  6. Click Discover/Schedule to trigger the on-demand/scheduled discovery, respectively.