View scan details and results
To see details and results for existing network scans, select the scan by name from the Discovery & automation tools > Network scans page in DigiCert® Trust Lifecycle Manager.
Scan details
Verify the scan details in the following information sections.
Scan details section | Description |
---|---|
Scan results | The number of discovered assets. Select the links to view the assets in your inventory. |
Scan activity | Details about current, past, and upcoming scans including the start time, duration, and status of each. |
General information | General configuration settings for the scan. |
Scan targets | The network targets for the scan. |
Scan options | Scan options including performance settings and tags for discovered assets. |
Schedule | The schedule for running the scan. |
Scan results
In the Scan results section of the scan details:
View the findings for completed scans, including discovered certificates, unsecured ports, and any trust chain issues.
To investigate further, select the discovered counts to load and manage the applicable records from the Inventory page.
Your account dashboard also includes data about cryptographic assets and security ratings discovered through network scans.
To learn more, see Account dashboard.
What data is collected?
For each discovered certificate, Trust Lifecycle Manager collects non-sensitive TLS settings and certificate properties that are accessible during a standard TLS/SSL handshake, plus deployment information about where the certificate is installed. This includes:
TLS settings
TLS protocols
Cipher suites
Handshake information
Security headers
Certificate properties
Certificate subject and issuer details
CA chain information
Key algorithm and length
Signature algorithm
Validity period
Subject Alternative Names (SANs)
Certificate identifiers and extensions (serial number, thumbprint, key usage, EKU)
Deployment information
IP address and port number
Host name and operating system
Application version (for example, web server or load balancer type)
View discovery data in inventory
To verify the data collected in a network scan, select the certificate or endpoint location from the Inventory page.
Certificate details
From the Inventory > Certificates tab, select a discovered certificate by common name to see discovery data under the following details tabs.
Details tab | Description |
---|---|
Certificate | Shows all certificate properties found through the network scan. |
Security | Shows the security rating that Trust Lifecycle Manager assigned to the certificate based on the data it collected. Select the link to view detailed information about how the security rating was calculated. |
Endpoint details
From the Inventory > Endpoints tab, select a certificate deployment location to see discovery data under the following details tabs.
Details tab | Description |
---|---|
General information | Shows all deployment information found through the network scan. |
Delete discovery data
You can delete discovery data from your account at any time, using one of the following methods. Select the links for more details about each:
Use the Inventory management functions to delete discovered assets individually or in bulk.
Use Account > Settings > Discovery to delete all discovery data by asset type from your account.
When you delete a discovered asset: