Scanning external CAs

CA connectors can be used to scan associated DigiCert or Entrust accounts to discover issued certificates that haven’t expired or been revoked.

Scanning external CAs requires connector v3.0 or later. If you have an earlier version, see Update a CA Connector.

When certificates issued by the third-party CA are discovered, they are placed into the selected certificate bucket in SCM.

Scan an external CA

  1. Navigate to Issuers  CA Backends, and click Scan.

    CA Backends
  2. Select the appropriate certificate bucket for the scan results.

  3. Click OK.

Discovered certificates are listed on the Certificate Buckets page under the certificate bucket specified for the scan.

You can revoke all discovered certificates types, and renew discovered SSL certificates, through SCM.