In Discovery, we added a new feature—Add root and intermediate CAs—that lets you upload public and private root and intermediate CAs. Use this feature to get more accurate security ratings for certificates chained to them.
If Discovery is unable to locate the root and intermediate CAs for a certificate, it down grades the certificate's security rating. By uploading a copy of the certificate's intermediate and root CAs, the next time Discovery runs a scan that includes that certificate, you'll get a more accurate rating.
Note: Supported certificate formats: .der and .cer
In CertCentral, in the left main menu, click Discovery > Manage Discovery. On the Manage scans page, in the More actions dropdown, click Manage root and intermediate CAs. See Add public and private root and intermediate CAs in our Discovery user guide.
In Discovery, we added a new Blacklist feature that lets you exclude specific IP addresses and FQDNs from your scan results. For example, you may want to blacklist a domain in your CDN network.
Note: When you blacklist an IP address or FQDN, its information is excluded from all future account Discovery scans. This feature does not remove information from existing scan results.
In CertCentral, the left main menu, click Discovery > Manage Discovery. On the Manage scans page, in the More actions dropdown, click Manage blacklist. See Blacklist IP addresses and FQDNs in our Discovery user guide.