Certificates

Identify TLS certificates that are in use and any data associated with them.

The Certificates section is designed to help you monitor certificates, TLS protocol versions, and cipher suites across your external assets.

Use Cases

  • Identify certificates that expire soon or have already expired. These should be updated as soon as possible. Sites using expired certificates may be susceptible to man-in-the-middle attacks, in which an attacker may be able to intercept traffic from users of the site.

  • Identify deprecated TLS protocol versions and bad ciphers containing known vulnerabilities. These may affect the security of your website, with impacts ranging from denial-of-service attacks to decryption or compromise of traffic.

  • Identify connected hosts. By extracting fields from the certificate, such as the Common Name and Subject Alternative Name, you can discover other related hostnames.

Detection

The website scan attempts to establish a TLS connection to open ports and extract the X.509 certificate along with the negotiated protocols and ciphers.

Risk

Risk is assigned to each certificate based on several factors including expiration date/expiration status of certificates, deprecated TLS versions, and known weak or bad cipher suites.

  • High (Red): Non-valid or expired certificate, or certificate uses high-risk ciphers.

  • Medium (Yellow): Certificate supports weak ciphers.

  • Low (Green): No significant risks are associated with the certificate.

Certificates rated High or Medium risk will create issues.

We recommend fixing any High-risk issues immediately. Medium-risk issues should be reviewed to decide whether they are an acceptable risk.

Extensions

Certificate extensions are individually rated as well and can be viewed on the summary page and within the certificate detail view.

  • Valid

    • Green: The certificate is valid.

    • Red: The certificate is not valid.

  • Not Expired

    • Green: The certificate is not currently expired.

    • Red: The certificate has expired.

  • Host Match

    • Green: The hostname of the target appears on its certificate's Common Name or Alternate Names.

    • Red: The hostname of the target does not appear on its certificate's Common Name or Alternate Names.

  • Ciphers: The rating of the highest-risk cipher used by the certificate. Ciphers are individually rated as follows:

    • Green: Low-risk cipher with no known vulnerabilities.

    • Yellow: Medium-risk cipher with weaker encryption standards.

    • Red: High-risk cipher associated with known vulnerabilities.
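
The Not Expired, Host Match, and Ciphers checks above, rolled up into the High/Medium/Low risk levels, as an added example that is not the product's own logic. It assumes a scan record shaped like the output of Python's ssl.SSLSocket.getpeercert(); the cipher tiers, the function names, and treating a host mismatch as a non-valid certificate are assumptions, and the sample records are constructed.

```python
import ssl
from datetime import datetime, timezone

# Assumed cipher tiers for illustration; the page does not list which ciphers
# the product rates high or medium risk.
HIGH_RISK = ("RC4", "NULL", "EXP", "MD5")
MEDIUM_RISK = ("DES-CBC3",)  # 3DES

def cert_names(cert):
    """Common Name plus DNS Subject Alternative Names (the connected hosts)."""
    names = [v for rdn in cert.get("subject", ()) for k, v in rdn if k == "commonName"]
    names += [v for k, v in cert.get("subjectAltName", ()) if k == "DNS"]
    return sorted({n.lower() for n in names})

def host_matches(host, pattern):
    """Exact match, or a wildcard that covers exactly one leftmost label."""
    host, pattern = host.lower().rstrip("."), pattern.lower().rstrip(".")
    if pattern.startswith("*."):
        return "." in host and host.split(".", 1)[1] == pattern[2:]
    return host == pattern

def rate_cipher(name):
    if any(token in name.upper() for token in HIGH_RISK):
        return "red"
    return "yellow" if any(token in name.upper() for token in MEDIUM_RISK) else "green"

def rate(record, now):
    """Per-check ratings and overall risk; a host mismatch counts as non-valid (assumption)."""
    cert = record["cert"]
    expires = datetime.fromtimestamp(ssl.cert_time_to_seconds(cert["notAfter"]), timezone.utc)
    matched = any(host_matches(record["host"], n) for n in cert_names(cert))
    checks = {
        "not_expired": "green" if now < expires else "red",
        "host_match": "green" if matched else "red",
        "ciphers": rate_cipher(record["cipher"]),
    }
    worst = "red" if "red" in checks.values() else "yellow" if "yellow" in checks.values() else "green"
    return checks, {"red": "High", "yellow": "Medium", "green": "Low"}[worst]

def make_cert(cn, sans, not_after):  # same shape as ssl.SSLSocket.getpeercert()
    return {"subject": ((("commonName", cn),),), "notAfter": not_after,
            "subjectAltName": tuple(("DNS", s) for s in sans)}

NOW = datetime(2025, 1, 1, tzinfo=timezone.utc)  # fixed so results are repeatable
SAMPLES = [  # constructed scan records, not real targets
    {"host": "www.example.com", "cipher": "ECDHE-RSA-AES128-GCM-SHA256",
     "cert": make_cert("example.com", ["example.com", "*.example.com"], "Jun  1 12:00:00 2030 GMT")},
    {"host": "legacy.example.org", "cipher": "ECDHE-RSA-AES128-GCM-SHA256",
     "cert": make_cert("old.example.org", [], "Mar  3 00:00:00 2021 GMT")},
]
```

Calling rate(record, NOW) on each entry in SAMPLES rates the first Low and the second High; a wildcard name covers one label only, so *.example.com does not match the bare example.com.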

Pages

You can easily navigate through the Certificates section to audit the certificates across your attack surface.

  • Overview: Displays an overview of risk, geographical data, certificate validity, versions, and issuing authorities.

  • Summary: Lists all targets and summarizes the risk status of each certificate.

  • List: Lists all targets with details on the certificate's issuer, country, and hostname.

  • Calendar: Displays a calendar view of when certificates expire.

  • Ciphers: Lists all ciphers and TLS protocol versions and the corresponding targets.

  • Hosts: Lists the hostnames that were found in the certificates' Common Name and Subject Alt Names.

  • Changes: Displays the changes found between different scans.
