What's on your dashboard
The DigiCert Quantum Central dashboard provides a high-level view of your post-quantum cryptography (PQC) posture. Use it to review key status indicators, identify areas that may need attention, and decide where to investigate next.
View your cryptographic posture
The dashboard displays the following information about your imported cryptographic assets:
Total cryptographic Assets
Total number of certificates and endpoints imported from DigiCert® Trust Lifecycle Manager, through manual scans, or from other data sources.
Asymmetric Algorithm Usage
The signature algorithm usage in your end entity certificates.
Obtained from a certificate's
subjectPublicKeyInfofield which contains values such asML-DSA,RSA, andECDSA.Certificates using
ML-DSAorSLH-DSAare considered quantum-safe and count towards your Quantum Readiness %.
Signature Algorithm Usage
The key algorithm usage in your Issuing CA certificates.
Obtained from the certificate's
signatureAlgorithmfield and contains values such asSHA256withRSAThe compound name (e.g.
SHA256withRSA) encodes two things in one:The hash algorithm used to digest the
TBSCertificatebefore signing (SHA256,SHA384)The signing algorithm applied to that digest (
RSA,ECDSA)
The
signatureAlgorithmtells you whether the issuing CA is quantum-vulnerable, independent of the end entity certificate.
An end entity certificate could be signed with an ML-DSA key (subjectPublicKeyInfo) but still be issued by a CA using RSA (signatureAlgorithm). The chain is only as strong as the weakest link. Full PQC posture requires both fields to reflect quantum-safe algorithms.
CA certificates using ML-DSA or SLH-DSA are considered quantum-safe.
Key Agreement Usage
TLS key agreement is the process a client and server use to create shared session secrets during a TLS connection. They exchange public values and derive the same secret without sending the secret over the network. Temporary keys help protect recorded traffic if a long-term private key is later compromised.
Key agreements using
X25519MLKEM768,SecP256r1MLKEM768, andSecP384r1MLKEM1024are considered quantum-safe and count towards your Quantum Readiness %.Quantum-safe key agreements are only supported in TLS 1.3.
TLS Protocol Usage
You must update systems to TLS 1.3 and enable quantum-safe key agreements to mitigate the harvest-now, decrypt later threat.
Quantum-safe key agreements are not supported in TLS 1.2, 1.1, or 1.0.
Learn more about Mitigating the Harvest-Now, Decrypt-Later Threat. You'll need a Quantum Central account to access this course.
Get AI-powered insights about your assets
DigiCert Quantum Central makes it very easy for you to prioritize your migration tasks with its in-built AI capabilities.
The AI can analyze all the imported cryptographic assets and answer any related questions.
You can go to the Dashboard and type your questions in the Get started bar at the top.
Alternatively, you can select the AI icon at the top-right corner and start chatting.
AI capabilities are currently limited in the free Preview.