Certificate Search Page
The search function allows you to query the database for information. The same query structure is used in multiple locations within the Keyfactor Command Management Portal.
When you first open the page, you will see the simple search option. To execute a search, select the field and comparison operators in the dropdowns and type something on which to search in the value field (if applicable). If you select an is null or is not null comparison operator, the value field will be grayed out. Click the Search button to execute the query.
Each query consists of three parts:
The results that match your search criteria will be displayed in the results grid below the search selection options.
Issued DN
The distinguished name of the certificate subject.
Import Date
The date the certificate was imported to Keyfactor Command. This field will auto populate on any new imports/enrollments of certificates. On an upgrade, this field will be populated in existing certificates from the certificate operation history.
Effective Date
The date the certificate was issued or became active.
Expiration Date
The date the certificate expires.
Issued CN
The common name of the certificate subject.
Issuer DN
The distinguished name of the certificate issuer.
Certificate Template
The short name of the template used to issue the certificate.
Principal Name
The identity that the certificate represents. The principal name field is populated during certificate synchronization by the user principal name (UPN) extracted from Active Directory if there is a principal name in the certificate subject alternative name (SAN).
Requester
The user or entity that requested the certificate.
Locations
The server(s), if any, that the certificate is hosted on (e.g. for SSL certificates). If the certificate is found on multiple servers, this field will show the number of servers on which it was found and the location type (e.g. 4 SSL or 6 JKS). The specific server names can be found in the certificate details.
Key Type
The key type of the certificate.
Key Size
The key size of the certificate.
Certificate State
The certificate state options are:
- Unknown (0)
- Active (1)
- Revoked (2)
- Failed (4)
- Pending (5)
- Certificate Authority (6)
- Parent Certificate Authority (7)
The search results can be sorted by clicking on a column header in the results grid for every column (except Certificate Locations, Key Type, and Certificate State). Click the column header again to reverse the sort order. The grid columns can be arranged in any order desired by click-holding and dragging the header of the column you wish to move. The column widths may be adjusted by click-holding and dragging the line separating two column headers.
You can check the Include Revoked and/or Include Expired boxes at the top of the results grid to toggle inclusion of revoked or expired certificates in the results. By default they are excluded.
The rest of the buttons at the top of the display grid are used to interact with the certificates displayed in the results grid. Some buttons are grayed out until you click on a grid row. Other certificate functions are available on the right-click menu. To open the right-click menu, highlight a row in the results grid and right-click. You can also double-click a certificate row in the results grid to open the Certificate Details (see Certificate Details).
To select a single row in the grid, click to highlight it and then select an operation from either the top of the grid or the right-click menu. Some of the certificate operations support action on multiple certificates at once. To select multiple rows, hold down the CTRL key and click each row on which you would like to perform an operation, or tick the check box next to the row. Then select an operation from the top of the grid. The right-click menu supports limited operations on the multiple certificates.

You can also find the help icon () at the top of the page next to the Log Out button. From here you can choose to open either the Keyfactor Software & Documentation Portal at the home page or the Keyfactor API Endpoint Utility.
Keyfactor provides two sets of documentation: the On-Premises Documentation Suite and the Managed Services Documentation Suite. Which documentation set is accessed is determined by the Application Settings: On-Prem Documentation setting (see Application Settings: Console Tab).