discovery.getCertificate

discovery.getCertificate(target, port [,"address", timeout])

The Discovery target can be anything that BMC Helix Discovery can make a TLS connection to the IP address and port. For example, this might be a Windows or UNIX host, a network device, an SNMP device, a load balancer, and so on.

The function takes the following parameters:

• target – the discovery target from which to retrieve the certificate. 
• port – the port on which to communicate with the target.
• address – an optional parameter that enables you to specify a hostname, IP address, or URL from which to retrieve the certificate. The address parameter overrides the target parameter and can be used in the case where targets discovered using the IP address return a self-signed certificate. If you use a hostname, it must be resolvable using the DNS that BMC Helix Discovery is configured to use.
• timeout – an optional flag to modify the default timeout. The default is 30 seconds.

Returns a discoveredCertificate node.

The following code shows discovery.getCertificate example statements:

// host is the target host
cert := discovery.getCertificate(host, 8443);

// in this example, host is specified, but overridden with a hostname "testinghost"
othercert := discovery.getCertificate(host, 443, address:=testinghost, timeout:=30);

// in this example, host is specified, but overridden with an IP address 192.168.1.101
ipcert := discovery.getCertificate(host, 443, address:=192.168.1.101, timeout:=30);

Limitations

The discovery.getCertificate function cannot retrieve certificates from a service that requires a valid client certificate to connect.