Discovering certificates

This guide is intended to introduce you to the process of creating certificate discovery tasks to discover existing certificates in your environment.

Before proceeding, please ensure you have satisfied the following prerequisites:

You have created a Sectigo Authentication Service (SAS) profile
You have created, or have been invited to, an account in Sectigo Certificate Manager (SCM) Pro
Your account has an active trial or subscription

Step one: Create a discovery container

Discovery containers are used to group certificates identified during certificate discovery tasks.

To create a discovery container, do the following:

Navigate to Discovery Discovery Results.
Click Add New.
Provide a name for the discovery container.
Click Save.

Step two: Create a certificate discovery task

Certificate discovery tasks are used to discover SSL certificates in your networks.

To create a certificate discovery task, do the following:

Navigate to Discovery Discovery Tasks.
Click Add New.
Click Next.

Enter your discovery task details based on the information provided in the following table.

Field	Description
Discovery Task Name	The name of the certificate discovery task.
Discovery Result	The discovery container used to group certificates discovered by the task.
Add Scan Range	Scan targets or ranges can be added in the following formats: Hostname — The hostname of the resource to be scanned. IP or IP range — The IP or hyphen-separated IP range to be scanned. CIDR — The IP address in CIDR format.

Field

Description

Discovery Task Name

The name of the certificate discovery task.

Discovery Result

The discovery container used to group certificates discovered by the task.

Add Scan Range

Scan targets or ranges can be added in the following formats:

Hostname — The hostname of the resource to be scanned.
IP or IP range — The IP or hyphen-separated IP range to be scanned.
CIDR — The IP address in CIDR format.

Click Add Range.
(Optional) Add additional ranges to scan.
Click Next.
Select and configure a scan frequency.
Click Save Task.

Step three: Assign discovered certificates for management

Discovered certificates can be assigned to SCM Pro for management. The management functions available are dependent on the certificate’s issuing CA. Certificates issued by Sectigo are eligible for all management functions, including notifications, renewal, and revocation. Certificates issued by third-party CAs cannot be renewed or revoked but will trigger notifications about approaching expiration.

To assign discovered certificates, do the following:

Navigate to Discovery Discovery Results.
Select the appropriate discovery container, and click Manage.
Select the Certificates tab.
Select the certificate you want to assign, and click Manage.
Click Assign.

Assigned certificates can be managed from the Certificates page.