Page 1 of 1
Scan IP Range for Certificates
Posted: Thu Jul 02, 2020 2:08 pm
by jimdurr
I know the "Website" wizard uses the check_xi_service_http_cert to look at certificate expiration dates. Does anyone have a suggestion for scanning an IP range using that check? I know there's the auto-discovery option, but that doesn't use the cert check.
Thoughts?
Jim
Re: Scan IP Range for Certificates
Posted: Thu Jul 02, 2020 2:10 pm
by scottwilkerson
I don't really think this is possible because a certificate is for a host.domain and not for an IP address
Re: Scan IP Range for Certificates
Posted: Thu Jul 02, 2020 2:50 pm
by jimdurr
That's a good point. So I tested the Website wizard by entering the IP rather than host name and the Cert comes up green even just checking against the IP. While it wouldn't be ideal to have a bunch of hosts listed with IP rather than hostname (which is how everything else is listed), it would at least allow me to focus on the hosts that have certificates and then re-run the Website wizard pointing at the hostname that is associated with the IP that returned a cert check.
Does any of that make sense?
Re: Scan IP Range for Certificates
Posted: Thu Jul 02, 2020 3:20 pm
by scottwilkerson
I guess if you have your certificate attached to catch anything on the IP it would and only EVER had 1 certificate per IP, but what if you have many certificates assigned to virtual hosts?
Either way, I don't specifically know of any way to set these up for bulk scanning.
Re: Scan IP Range for Certificates
Posted: Fri Jul 03, 2020 5:23 am
by jimdurr
All right, I'll figure something out, thanks for looking at it.
Re: Scan IP Range for Certificates
Posted: Mon Jul 06, 2020 7:29 am
by scottwilkerson
jimdurr wrote:All right, I'll figure something out, thanks for looking at it.
Sounds good.
Best of luck!