Full Certificate Extract Report

The Full Certificate Extract Report shows detailed information for the active, expired and revoked certificates in the selected collection The certificate search function allows you to query the Keyfactor Command database for certificates from any available source based on any criteria of the certificates and save the results as a collection that will be availble in other places in the Management Portal (e.g. expiration alerts and certain reports)..

The export options for the Full Certificate Extract Report are CSV and Excel.

The report table includes these fields:

Common Name The common name of the certificate. Valid From The date on which the certificate became valid (typically the issuance date). Valid To The date on which the certificate expires. Days to Expiration The number of days remaining until the certificate expires. This will be a negative value for expired certificates. Signature Algorithm The cryptographic algorithm used to sign the certificate. Key Size The key length used to create the certificate. Validity Period The number of days for which the certificate was issued. Serial Number The serial number of the certificate. DN The distinguished name (subject) of the certificate. Issuer DN The distinguished name of the issuer (CA) for the certificate. User Name The name of the identity that requested the certificate.

Total SANs The total number of subject alternative names (SANs) for the certificate. SANs Any subject alternative names (SANs) of type DNS name, UPN, or email. SANs IP Any subject alternative names (SANs) of type IP address. Port The port where the certificate was found on an SSL scan. IP Address The IP address where the certificate was found on an SSL scan. DNS Name The DNS name resolved for the IP address where the certificate was found on an SSL scan. Alias The alias of the certificate in the certificate store. Client Machine Depending on the type of certificate store, either the name of the server on which the orchestrator is installed or the name of the server on which the certificate store is located. Store Path The location of the certificate store. The format of this value will vary depending on the type of certificate store. Template The certificate template used to issue the certificate.

Column handling on this report grid has the following features:

• To change the width of a column of the report, hover over the triangle of dots on the right side of the selected column header (). Click, hold and drag the triangle to change the width of the column.
• To rearrange columns on the report display, hover over the rectangle of dots on the left side of the selected column header (). Click, hold, and drag the rectangle to move the column to your selected location.
• Most columns can be sorted in ascending order by clicking on the header of the column. Click the column header again to reverse the sort order.

This report takes the input parameters:

• The certificate collection to report on, including the built-in option, All Certificates collection. The default is All Certificates.
• The metadata Metadata provides information about a piece of data. It is used to summarize basic information about data, which can make working with the data easier. In the context of Keyfactor Command, the certificate metadata feature allows you to create custom metadata fields that allow you to tag certificates with tracking information about certificates. field(s) to include, if desired. This will append the selected metadata columns to the end of the report.