To view an existing certificate collection
The certificate search function allows you to query the Keyfactor Command database for certificates from any available source based on any criteria of the certificates and save the results as a collection that will be availble in other places in the Management Portal (e.g. expiration alerts and certain reports)., either browse to the Certificates dropdown on the Management Portal menu and select the desired collection from the dropdown (if the collection has Show in Navigator set as Yes), or browse to Certificates > Collection Manager from the Management Portal and then select View, or double-click the row, from the Certificate Collection Management grid. When you select the collection for viewing, the search will begin immediately and the certificate search grid will open with the results from the collection. For information on using the certificate search grid, see Certificate Search Page.
When viewing an existing collection, you can further refine the collection query by including additional selection criteria in the query field, but these are used in addition to the base query. You are not allowed to clear the base query for the collection, which is displayed above the advanced query field. For example, for the collection shown in Figure 63: Collection with Query Modification, if the user added this in the query field:
The query would return all the certificates issued in the last 30 days with the string appsrvr in the CN A common name (CN) is the component of a distinguished name (DN) that represents the primary name of the object. The value varies depending on the type of object. For a user object, this would be the user's name (e.g. CN=John Smith). For SSL certificates, the CN is typically the fully qualified domain name (FQDN) of the host where the SSL certificate will reside (e.g. servername.keyexample.com or www.keyexample.com). using a template A certificate template defines the policies and rules that a CA uses when a request for a certificate is received. referencing web but without the string keyother in the CN—in other words, the web server certificates for application servers issued in the last 30 days for the keyexample.com domain but not the web server certificates for application servers issued in the last 30 days for the keyother.com domain.
Available operations on a certificate collection include; Save, Save As, Delete Collection or view Permissions on the certificate collection.
Click Save to edit the existing collection. You may change the following about the collection from this option:
- The collection Name.
- The collection Description.
- The collection query Content.
- The Ignore Renewed Cert Results by setting.
- The Show on Dashboard setting.
- The Show on Navigator setting.
For more information on these, see Saving Search Criteria as a Collection.
Click Save As to create a new collection based on the existing collection. You can then edit the search criteria for the new collection without affecting the existing collection. Click Delete Collection to delete the certificate collection. Click Permissions to view collection level permission for the collection (see Certificate Collection Permissions).