Cloud scans
Cloud scans use DigiCert's cloud infrastructure to discover publicly accessible TLS/SSL certificates associated with your organization's fully qualified domain names (FQDNs) and public IP addresses, without requiring any installed sensors. These scans are ideal for identifying and monitoring external-facing certificates across your internet-exposed assets.
Each scan runs through DigiCert's hosted services. Configure the scan to check port 443 on specific public FQDNs or IP addresses. You can run the scan immediately or schedule it to run once, weekly, or monthly.
Cloud scans provide visibility into certificates issued by any certificate authority (CA), with detailed information including:
Common name
Expiration date
Certificate status
Issuing certificate authority
Public IP addresses and domain names where certificates are found
Certificate security ratings
Certificates using NIST-approved PQC algorithms
These scans help detect expired, misconfigured, or untracked public certificates, reducing the risk of service disruptions or security gaps.
Nota
Cloud scans support only public IP addresses and domains. To scan private/internal networks, use Network scans with DigiCert sensors.
Scan results are cached for up to 8 hours. After that, scan data expires and is no longer visible in the user interface.