discovery.getCertificate(targetport [,"address", timeout])

Retrieves a TLS certificate from the specified discovery target.

The Discovery target can be anything that BMC Helix Discovery can make a TLS connection to the IP address and port. For example, this might be a Windows or UNIX host, a network device, an SNMP device, a load balancer, and so on.

The function takes the following parameters:

  • target – the discovery target from which to retrieve the certificate. 
  • port – the port on which to communicate with the target.
  • address – an optional parameter that enables you to specify a hostname, IP address, or URL from which to retrieve the certificate. The address parameter overrides the target parameter and can be used in the case where targets discovered using the IP address return a self-signed certificate. If you use a hostname, it must be resolvable using the DNS that BMC Helix Discovery is configured to use.
  • timeout – an optional flag to modify the default timeout. The default is 30 seconds.

Returns a discoveredCertificate node.

The following code shows discovery.getCertificate example statements:

// host is the target host
cert := discovery.getCertificate(host, 8443);

// in this example, host is specified, but overridden with a hostname "testinghost"
othercert := discovery.getCertificate(host, 443, address:=testinghost, timeout:=30);

// in this example, host is specified, but overridden with an IP address
ipcert := discovery.getCertificate(host, 443, address:=, timeout:=30);


The discovery.getCertificate function cannot retrieve certificates from a service that requires a valid client certificate to connect.


Was this page helpful? Yes No Submitting... Thank you