Discovering TLS server endpoints¶

In addition to validating certificates, the Validate Now feature can also sniff out any additional TLS server endpoints in your inventory. It does this by extracting the common name and DNS SANs automatically from your selected certificates and then discovers any additional TLS server endpoints.

For the discovery process, Validate Now relies on your existing VSatellites for internal discovery and on Scanafi for external discovery.

It's all automated for you. Simply select one or more certificates and then run Validate Now.

Using Validate Now to discover TLS server endpoints¶

1. Sign in to TLS Protect Cloud.

2. Click Inventory > Certificates.

3. On the Certificates page, switch to the Certificate Details view.

4. Find one or more certificates by doing one of the following:

   • To search for a specific certificate, enter the certificate details in the search bar at the top.
   • If you had created and saved a filter for your certificates, click the Filters list and select your saved filter.
   • To manually filter the list, click Filter next to the search bar to enter the attributes you want to include in the filter, and then click Apply.

5. Select one or more certificates, and then click Validate Now.

6. Following validation, click the TLS Server Endpoints tab for each certificate to view all discovered server endpoints.

   "TIP

   Note that the Scan Type column displays Validation, which indicates that TLS server endpoints were discovered using validation rather than a specific discovery service.

What's next?¶

Learn more about the following concepts:

• Certificate validation
• Finding certificates in your inventory
• Downloading certificates