Run a single cloud scan

Use Discovery cloud scan to scan your public domains. A Discovery cloud scan stores results for 8 hours. Set up a scan to get the certificate information installed on your server.

A cloud scan discovers and scans only public-facing TLS/SSL certificates using default TLS/SSL protocols, which is TLSv1.2 or higher.

  1. In your CertCentral account, in the left main menu, go to Discovery > Manage Discovery.

  1. On the Manage scans page, in the scans table, select Single cloud scan.

  1. On the Configure cloud scan page, set up your cloud scan:

    1. Enable deep scan (Optional)
      A deep scan includes the cipher suite scan, HTTP header scan, and TLS/SSL protocols (SSLv3, SSLv2, TLSv1.1, and TLSv1.0) used for the handshake. It also includes the default TLS/SSL protocols (TLSv1.2 or higher).
      Note: If a deep scan is enabled, it increases the scan time by several minutes.
    2. Scan critical TLS/SSL server issues (Optional)
      Enable this scan to discover critical TLS/SSL server issues such as Heartbleed, Poodle (SSLv3), FREAK, Logjam, DROWN, RC4, and POODLE (TLS).
      For more information about these TLS/SSL issues, see TLS/SSL endpoint vulnerabilities.
    3. Ports
      Cloud scan only supports port 443 to scan your network for TLS/SSL certificates.
    4. IP/FQDN to scan
      Currently, cloud scan supports only IPv4 scanning.
      Include
      Enter the public-facing FQDNs and IP addresses you want to include in the scan. Select Include.
      Include an FQDN (example.com), a single IP address (10.0.0.1), a range of IP addresses (10.0.0.1-10.0.0.255), or an IP range in CIDR format (10.0.0.0/24).
      Exclude
      Enter the public IP address you want to exclude from a range of IP addresses. Select Exclude.
      Exclude a single IP address (10.0.0.1) or a range of IP addresses (10.0.0.1-10.0.0.255), or an IP range in CIDR format (10.0.0.0/24).
      Import from CSV
      To import a CSV file containing a list of public FQDNs and IP addresses you want to scan, select Import from CSV.

  1. Select Save and run.

What's next

Your single cloud scan stores result for 8 hours. To view scan results, in the left main menu, go to Discovery > View results.

Related topic:

About

DigiCert is the world's leading provider of scalable TLS/SSL, IoT and PKI solutions for identity and encryption. The most innovative companies, including 89% of the Fortune 500 and 97 of the 100 top global banks, choose DigiCert for its expertise in identity and encryption for web servers and Internet of Things devices. DigiCert supports TLS and other digital certificates for PKI deployments at any scale through its certificate lifecycle management solution, CertCentral®. The company is recognized for its enterprise-grade certificate management platform, fast and knowledgeable customer support, and market-leading security solutions. For the latest DigiCert news and updates, visit digicert.com or follow @digicert.

©2020 DigiCert, Inc. All rights reserved. DigiCert, its logo and CertCentral are registered trademarks of DigiCert, Inc. Norton and the Checkmark Logo are trademarks of NortonLifeLock Inc. used under license. Other names may be trademarks of their respective owners.