Dashboard: SSL Endpoints

The comprehensive SSLClosed TLS (Transport Layer Security) and its predecessor SSL (Secure Sockets Layer) are protocols for establishing authenticated and encrypted links between networked computers. Endpoints panel includes several components:

  • The Changes Found to Existing Endpoints grid displays up to ten SSL endpoints for which a change was found in the most recent scan from the previous scan status. The grid includes the endpointClosed An endpoint is a URL that enables the API to gain access to resources on a server. address, scan time, and both the previous and current endpoint status. This grid only displays if there are endpoints that have been changed.
  • The Endpoints Expiring in the Next X Days grid displays up to ten SSL endpoints with certificates expiring in the next X days. This grid only displays if there are endpoints that meet that criteria. If there are more than ten to display, the certificates expiring soonest are displayed. Out of the box, the number of days is configured to 30. To change the number of days, click the panel Settings icon, choose Edit, enter a number of days, and click Done. To clear the custom number of days and return to the default, click the panel Settings icon, choose Edit, clear the days field, and click Done. The grid includes the network name, the endpoint address, the certificate expiration date, and the certificate common nameClosed A common name (CN) is the component of a distinguished name (DN) that represents the primary name of the object. The value varies depending on the type of object. For a user object, this would be the user's name (e.g. CN=John Smith). For SSL certificates, the CN is typically the fully qualified domain name (FQDN) of the host where the SSL certificate will reside (e.g. servername.keyexample.com or www.keyexample.com)., if any.
  • The Endpoints per Network pie chart shows discovered SSL endpoints broken down by SSL network. All discovered endpoints are included. This includes endpoints at which a certificate is currently being found, endpoints at which a certificate was found in the past but is no longer found, and endpoints that responded in some way on scan but did not present a certificate. Click on a section of the pie chart to be taken to the SSL Discovery Results page. Click any of the labels below the pie chart to toggle add/remove that segment of the pie from the chart.
  • The Network Endpoint SSL Scanning Results pie chart shows the results from the most recent SSL scan (discovery or monitoring) broken out by result (e.g. certificate found, connection timed out, connection refused). Click on a section of the pie chart to be taken to the SSL Discovery Results page. Click any of the labels below the pie chart to toggle add/remove that segment of the pie from the chart. This can be helpful, for example, if you remove the certificate found section, allowing you to just focus on any errors (and making the error pie segments bigger and easier to click on).

Click the Hide button to minimize the display. Click the panel Settings icon to remove or rename the panel or change the comparison date for the display (see Dashboard).

Figure 19: Dashboard SSL Endpoints