To save your search criteria as a certificate collection The certificate search function allows you to query the Keyfactor Command database for certificates from any available source based on any criteria of the certificates  and save the results as a collection that will be availble in other places in the Management Portal (e.g. expiration alerts and certain reports).:
 The certificate search function allows you to query the Keyfactor Command database for certificates from any available source based on any criteria of the certificates  and save the results as a collection that will be availble in other places in the Management Portal (e.g. expiration alerts and certain reports).:
- 
                                                                Click the Save button. 
- In the Save Certificate Search dialog, enter a name for the certificate collection. This name appears at the top of the page for this collection and can be configured to appear on the Management Portal menu under Certificates. It will also appear in other places within the Management Portal where you can reference certificate collections (e.g. workflows, alerts, and certain reports and dashboards). Because it can appear on the menu and in selection dropdowns, the name should be fairly short.
- Enter a description for the collection. This description appears as a subtitle below the collection name on the page for this collection and can be more detailed than the collection name.
- 
                                                                Select a setting in the Ignore Renewed Cert[ificate] Results by dropdown. The Ignore dropdown applies to processing reports or expiration alerts and contains these options:  None NoneDo not eliminate duplicate certificates when processing reports or expiration alerts based on this certificate collection.  Common Name Common NameEliminate duplicate certificates based on the common name  A common name (CN) is the component of a distinguished name (DN) that represents the primary name of the object. The value varies depending on the type of object. For a user object, this would be the user's name (e.g. CN=John Smith). For SSL certificates, the CN is typically the fully qualified domain name (FQDN) of the host where the SSL certificate will reside (e.g. servername.keyexample.com or www.keyexample.com). in the certificate when processing reports or expiration alerts. Certificates will be excluded from reports and expiration alerts if they share the same common name and enhanced key usage (EKU—e.g. Client Authentication). The certificate with the most recent issued date and the given common name and EKU will be included in the report or expiration alert. A common name (CN) is the component of a distinguished name (DN) that represents the primary name of the object. The value varies depending on the type of object. For a user object, this would be the user's name (e.g. CN=John Smith). For SSL certificates, the CN is typically the fully qualified domain name (FQDN) of the host where the SSL certificate will reside (e.g. servername.keyexample.com or www.keyexample.com). in the certificate when processing reports or expiration alerts. Certificates will be excluded from reports and expiration alerts if they share the same common name and enhanced key usage (EKU—e.g. Client Authentication). The certificate with the most recent issued date and the given common name and EKU will be included in the report or expiration alert. Distinguished Name Distinguished NameEliminate duplicate certificates based on the distinguished name in the certificate when processing reports or expiration alerts. Certificates will be excluded from reports and expiration alerts if they share the same distinguished name and EKU. The certificate with the most recent issued date and the given distinguished name and EKU will be included in the report or expiration alert.  Principal Name Principal NameEliminate duplicate certificates based on the principal name in the certificate status data stored in the Keyfactor Command database for the certificate when processing reports or expiration alerts. The principal name is added to the certificate status data for the certificate during certificate synchronization if the certificate SAN  The subject alternative name (SAN) is an extension to the X.509 specification that allows you to specify additional values when enrolling for a digital certificate. A variety of SAN formats are supported, with DNS name being the most common. contains a user principal name or NT principal name. Certificates will be excluded from reports and expiration alerts if they share the same principal name and EKU. The certificate with the most recent issued date and the given principal name and EKU will be included in the report or expiration alert. The subject alternative name (SAN) is an extension to the X.509 specification that allows you to specify additional values when enrolling for a digital certificate. A variety of SAN formats are supported, with DNS name being the most common. contains a user principal name or NT principal name. Certificates will be excluded from reports and expiration alerts if they share the same principal name and EKU. The certificate with the most recent issued date and the given principal name and EKU will be included in the report or expiration alert. Keyfactor Renewal Keyfactor RenewalEliminate duplicate certificates based on certificates that have been renewed through Keyfactor Command. Note: Regardless of the selection you make in the Ignore option, all certificates will appear in the search results grid. Duplicate certificates are not excluded on this page.When processing reports or expiration alerts based on this certificate collection, only certificates that share all the EKUs (e.g. Client Authentication and Server Authentication) as well as the same CN  A common name (CN) is the component of a distinguished name (DN) that represents the primary name of the object. The value varies depending on the type of object. For a user object, this would be the user's name (e.g. CN=John Smith). For SSL certificates, the CN is typically the fully qualified domain name (FQDN) of the host where the SSL certificate will reside (e.g. servername.keyexample.com or www.keyexample.com)., DN A common name (CN) is the component of a distinguished name (DN) that represents the primary name of the object. The value varies depending on the type of object. For a user object, this would be the user's name (e.g. CN=John Smith). For SSL certificates, the CN is typically the fully qualified domain name (FQDN) of the host where the SSL certificate will reside (e.g. servername.keyexample.com or www.keyexample.com)., DN A distinguished name (DN) is the name that uniquely identifies an object in a directory. In the context of Keyfactor Command, this directory is generally Active Directory. A DN is made up of attribute=value pairs, separated by commas.  Any of the attributes defined in the directory schema can be used to make up a DN. or UPN will be eliminated as duplicates.    If a certificate has more than one EKU and at least one EKU does not match an otherwise similar certificate with matching CN, DN or UPN, it will not be eliminated on reports or expiration alerts. A distinguished name (DN) is the name that uniquely identifies an object in a directory. In the context of Keyfactor Command, this directory is generally Active Directory. A DN is made up of attribute=value pairs, separated by commas.  Any of the attributes defined in the directory schema can be used to make up a DN. or UPN will be eliminated as duplicates.    If a certificate has more than one EKU and at least one EKU does not match an otherwise similar certificate with matching CN, DN or UPN, it will not be eliminated on reports or expiration alerts.
- 
                                                                Check the Show on Dashboard box to include the results from this collection on the Collection dashboard (see Dashboard: Collections). To change this setting later, see Certificate Collection Management. Note: The collections dashboard widget will only display the first 25 collections, displayed in the order in which they were created by default. The order may be customized if desired (see Dashboard: Collections). The save dialog includes a brief message explaining the display limit when the Show on Dashboard box is checked.
- 
                                                                Check the Show on Navigator box to include the collection on the certificates dropdown on the Navigator  The Keyfactor Command top-level dropdown menu. Certificate collections and reports can be configured to be added to these dropdowns using user-defined Show in Navigator settings.. To change this setting later, see Viewing an Existing Certificate Collection. Note: The menu will only display the first 25 collections, displayed in the order in which they were created by default. The order may be customized if desired (see Certificate Collection Management). The save dialog includes a brief message explaining the display limit. The Keyfactor Command top-level dropdown menu. Certificate collections and reports can be configured to be added to these dropdowns using user-defined Show in Navigator settings.. To change this setting later, see Viewing an Existing Certificate Collection. Note: The menu will only display the first 25 collections, displayed in the order in which they were created by default. The order may be customized if desired (see Certificate Collection Management). The save dialog includes a brief message explaining the display limit.
- Click Save to save the collection.
The search results will display immediately. If you didn't select the Show on Navigator option, you can find the collection again on the Certificate Collection Management page, accessed by navigating to Certificates > Collection Manager from the Management Portal.
