Skip to main content

Discovery user guide

Avis

On October 1, 2026, DigiCert will retire the Discovery service in CertCentral. As of this date, Discovery will no longer be available in CertCentral, and the Discovery user guide will be unpublished.

To continue using Discovery after October 1, 2026, move your Discovery capabilities to DigiCert® Trust Lifecycle Manager.

  • For cloud scans, you need a Trust Lifecycle Manager Essentials subscription.

  • For network scans, you need a Trust Lifecycle Manager Advanced subscription.

Learn about moving Discovery to Trust Lifecycle Manager

Discovery uses sensors to scan the network and find all the internal and public-facing SSL/TLS certificates regardless of the issuing Certificate Authority (CA). These sensors are small software applications that are installed in strategic locations.

Each scan is linked to one sensor. Scans are configured to examine specific fully qualified domain names (FQDNs), IP addresses, and port combinations for the presence of TLS/SSL certificates. Configure scans to run immediately, once at a specified time, or multiple times on a recurring schedule.

These scans provide detailed information about certificates in your network:

  • Common name

  • Expiration date

  • Certificate status

  • Issuing certificate authority

  • Ports and IP addresses of the certificate host

  • Certificate security rating

  • Server security issues

  • TLS/SSL vulnerabilities

Scans can be used to identify the operating system of your server host, the open IP addresses and ports, and the server host of the IP addresses.

Discovery Dashboard in CertCentral
Dans cette section​: