SSL

Keyfactor Command allows, through the Keyfactor Command Windows Agent, various network segments to be scanned for endpoints serving SSLClosed TLS (Transport Layer Security) and its predecessor SSL (Secure Sockets Layer) are protocols for establishing authenticated and encrypted links between networked computers. certificates as well as endpoints presenting a certificate to be monitored for changes in status. An SSL scan is executed against an EndpointClosed An endpoint is a URL that enables the API to gain access to resources on a server. Group, which is a collectionClosed The certificate search function allows you to query the Keyfactor Command database for certificates from any available source based on any criteria of the certificates and save the results as a collection that will be availble in other places in the Management Portal (e.g. expiration alerts and certain reports). of network endpoints, along with a scan schedule. Two types of endpoint groups exist:

  • Discovery
    A Discovery endpoint group contains endpoints to be scanned for certificates.
  • Monitoring
    A Monitoring group allows endpoints that presented a certificate in a discovery scan to be repeatedly scanned for changes.

The SSL Web APIClosed A set of functions to allow creation of applications. Keyfactor offers the Keyfactor API, which allows third-party software to integrate with the advanced certificate enrollment and management features of Keyfactor Command. component allows SSL scan configuration to be retrieved and updated in order to facilitate rapid configuration of large numbers of network endpoints. The methods included in this component are given in Table 723: SSL Endpoints. As with the Certstore APIClosed A set of functions to allow creation of applications. Keyfactor offers the Keyfactor API, which allows third-party software to integrate with the advanced certificate enrollment and management features of Keyfactor Command. component, the SSL component only has 1 version and all endpoints can be accessed through a URL path including /SSL/1/.

Table 723: SSL Endpoints

Endpoint

Method

Description

AddEndpoint

POST

Add a new endpoint to an endpoint group

AddEndpointGroup

POST

Add a new endpoint group to an agent.

Agents

GET

Return a list of Agents that can perform SSL scans.

EndpointGroups

GET

Returns a list of established endpoint groups for a particular agent