Saving Search Criteria as a Collection

To save your search criteria as a certificate collectionClosed The certificate search function allows you to query the Keyfactor Command database for certificates from any available source based on any criteria of the certificates and save the results as a collection that will be availble in other places in the Management Portal (e.g. expiration alerts and certain reports).:

  1. Click the Save button.

    Figure 30: Save Certificate Collection

  2. In the Save Certificate Search dialog, enter a name for the certificate collection. This name appears at the top of the page for this collection and can be configured to appear on the Management Portal menu under Certificates. It will also appear in other places within the Management Portal where you can reference certificate collections (e.g. expiration alerts and certain reports and dashboards). Because it can appear on the menu and in selection dropdowns, the name should be fairly short.
  3. Enter a description for the collection. This description appears as a subtitle below the collection name on the page for this collection and can be more detailed than the collection name.
  4. Select a setting in the Ignore renewed certificate results by dropdown. The Ignore dropdown applies to processing reports or expiration alerts and contains these options:

    Note:  Regardless of the selection you make in the Ignore option, all certificates will appear in the search results grid. Duplicate certificates are not excluded on this page.

    When processing reports or expiration alerts based on this certificate collection, only certificates that share all the EKUs (e.g. Client Authentication and Server Authentication) as well as the same CNClosed A common name (CN) is the component of a distinguished name (DN) that represents the primary name of the object. The value varies depending on the type of object. For a user object, this would be the user's name (e.g. CN=John Smith). For SSL certificates, the CN is typically the fully qualified domain name (FQDN) of the host where the SSL certificate will reside (e.g. servername.keyexample.com or www.keyexample.com)., DNClosed A distinguished name (DN) is the name that uniquely identifies an object in a directory. In the context of Keyfactor Command, this directory is generally Active Directory. A DN is made up of attribute=value pairs, separated by commas. Any of the attributes defined in the directory schema can be used to make up a DN. or UPN will be eliminated as duplicates. If a certificate has more than one EKU and at least one EKU does not match an otherwise similar certificate with matching CN, DN or UPN, it will not be eliminated on reports or expiration alerts.

  5. Check the Show on Dashboard box to include the results from this collection on the Collection dashboard (see Dashboard: Collections). You will not be able to change this setting once the collection is saved. If you need to change it, you would need to edit the collection and re-save it.
    Note:  The collections dashboard widget will only display the first 25 collections alphabetically. A brief warning message explaining this will be shown on the collections save dialog when the Show on Dashboard box is checked.
  6. Check the Show in Navigator box to include the collection on the Management Portal menu (on the Certificates top-level menu dropdown).
  7. Click Save to save the collection. The search results will display immediately. If you didn't select the Show in Navigator option, you can find the collection again on the Certificate Collection Management page, accessed by navigating to Certificates > Collection Manager from the Management Portal.
Tip:  If you Save a new certificate collection, or Save a change to an existing certificate collection, that change will be immediately reflected in the collection data used to display certificate collections on dashboards and reports. The data used by the dashboards and reports is stored in an intermediate table that is updated immediately. It will also continue to be updated periodically (approximately every 20 minutes by default as configured by the Dashboard Collection Caching Interval application setting) by the Keyfactor Command Service (see Application Settings: Console Tab).