Run a single cloud scan

Use Discovery cloud scan to scan your public domains. A Discovery cloud scan stores result for 8 hours. Set up a scan to get the certificate information installed on your server.

A cloud scan discovers and scans only public-facing TLS/SSL certificates using default TLS/SSL protocols, which is TLSv1.2 or higher.

  1. In your CertCentral account, in the left main menu, go to Discovery > Manage Discovery.

  1. On the Manage scans page, in the scans table, click Single cloud scan.

  1. On the Configure cloud scan page, set up your cloud scan.

    1. Enable deep scan (Optional)
      A deep scan includes cipher suite scan, HTTP header scan, and TLS/SSL protocols (SSLv3, SSLv2, TLSv1.1, and TLSv1.0) used for the handshake, in addition to the default TLS/SSL protocols (TLSv1.2 or higher).
      Note: If a deep scan is enabled, it increases the scan time by several minutes.
    2. Ports
      Cloud scan supports only port 443.
    3. IP/FQDN to scan
      Currently, cloud scan supports only IPv4 scanning.
      Include
      Enter the public-facing FQDNs and IP addresses you want to include in the scan and click Include.
      Include an FQDN (example.com), a single IP address (10.0.0.1), a range of IP addresses (10.0.0.1-10.0.0.255), or an IP range in CIDR format (10.0.0.0/24).
      Exclude
      Enter the public IP address you want to exclude from a range of IP addresses and click Exclude.
      Exclude a single IP address (10.0.0.1) or a range of IP addresses (10.0.0.1-10.0.0.255), or an IP range in CIDR format (10.0.0.0/24).
      Import from CSV
      To import a CSV file containing a list of public FQDNs and IP addresses you want to scan, click Import from CSV.
  1. Click Save.

What's next

Your single cloud scan stores result for 8 hours. To view scan results, in the left main menu, go to Discovery > View results.

Reference topic: