Discovered Certificate node
A Discovered Certificate node stores information about a TLS certificate that has been retrieved from a target.
Discovered Certificate Lifecycle
The following section describes the scenarios in which a Discovered Certificate node is created or destroyed. DDD nodes are never updated.
Creation
Whenever BMC Helix Discovery retrieves a certificate, a Discovered Certificate node is created. A Discovered Certificate node is created for each discovered Certificate.
Removal
A Discovered Certificate node is removed when the Discovery Access node which it is associated with has been destroyed through the Aging process.
Fingerprint type
The certificate fingerprint is not always of the type SHA-256.
Attributes and relationships of the DiscoveredCertificate node
The attributes of the DiscoveredCertificate node are described in the following table:
UI Name | Description |
---|---|
Discovery Method | Discovery method |
Discovery Duration | Time in seconds spent in discovery |
Request Time | When this request was made |
Failure Reason | Reason for failure, if any |
Failure Cause | Extra details, if any, on reason for failure |
Not shown in UI | Certificate name |
Not shown in UI | Certificate key |
Port | Discovered port |
Not shown in UI | Discovered address |
Target | Discovered hostname/IP address |
Version | Certificate version |
Fingerprint | Certificate fingerprint |
Serial number | Certificate serial number |
Issuer | Certificate issuer |
Subject | Certificate subject |
Signature | Certificate signature |
Signature hash algorithm | Certificate signature hash algorithm |
Signature algorithm OID | Certificate signature algorithm OID |
Not valid before | Certificate not valid before |
Not valid after | Certificate not valid after |
Self signed | Is certificate self signed |
Verified | Is certificate verified |
Expired | Is certificate expired |
Not shown in UI | Flag that this node has command failures linked to it |
Not shown in UI | Flag that this node has script failures linked to it |
Not shown in UI | The name of the script that succeeded in getting this data |
Not shown in UI | The access method used by the script that succeeded in getting this data |
Requesting Pattern | The name of the pattern that requested this data |
SHA-256 fingerprint | Certificate SHA-256 fingerprint |
Used SSL version | Used SSL/TLS protocol version |
The relationships of the DiscoveredCertificate node are described in the following table:
UI Name | Relationship | Description |
---|---|---|
Data Source Access |
| Related Data Source Access |
Discovery Access |
| Related Discovery Access |
Provider Access |
| Related Provider Access |
Command Failures |
| Command Failures |
Script Failures |
| Script Failures |
Requested Discovery Access |
| Discovery requested during discovery of another device |
Requesting Pattern |
| Pattern from which the request to retrieve this information originated (deprecated) |
Not shown in UI |
| Pattern Execution Trigger which requested retrieval of this information |
Comments
Log in or register to comment.