Certificate Scan Inventory
Viewing the Certificate Scan Inventory
This certificate inventory provides a category-wise comprehensive view of all certificates within your organization’s cryptographic infrastructure. For a PQC-focused analysis, you can customize the inventory view to display only the columns that are relevant to your requirement.
| Column | Description |
|---|---|
| PQC Risk Severity | PQC Risk Severity indicates
how severely a certificate could be impacted by a
potential quantum attack. Based on the certificate
PQC score calculated for a certificate, this column
displays one of the following values:
|
| Quantum Readiness | Quantum readiness is a measure of an
organization’s preparedness to address the impact of
quantum computing over cryptography. Your
certificate infrastructure will be considered
quantum ready when it is deemed capable of
protecting your data, systems, and communication
against the threats posed by quantum computers to
today’s encryption methods. This column
in the inventory indicates the quantum readiness
of individual certificates using the following
values:
|
Common Inventory Functions
| Feature | Description |
|---|---|
| Search | Enter free text or keywords to search
for specific entries in the
inventory. Important: Currently, values
from the following fields cannot be used as search keywords,
as they are not supported by the search functionality and
will be treated as invalid input:
Note: In case CMDB integration is enabled
for certificates, enable the "QTH Child Collection Daily
Sync" job under CLM → Job Scheduler to ensure an improved
certificate dashboard and inventory
experience. |
| Export | To export the inventory data:
The inventory data is downloaded to your local system as a zipped file. |
| Pagination | Use the pagination control dropdown to select
the number of records that will be displayed per page of the
inventory. You can select to display 25, 50, 75, or 100 records per page of the inventory. |
| Pagination Navigation | Use the pagination navigation buttons to move between the pages in the inventory. |
| Refresh | Use the Refresh button to reload the inventory to display the up-to-date records. |
Understanding the Certificate Scan Inventory
| Column | Description |
|---|---|
| CMDB Operational Status | Indicates the current state of the configuration
item (CI) using the following values:
|
| CMDB Match Status |
Indicates if the certificate listed in the inventory can be linked to a configuration item (CI) in the CMDB and if the CI’s data can be used for populating the business context in the configuration scan inventory (in the Business Application, Owner, and Business Criticality fields)
For a detailed understanding of how the CMDB status is populated, see Understanding CMDB Status Values (Certificate Scan). |
| Business Application | Application or service that the scanned certificate is associated with |
| Owner | Individual/team that is responsible for the business application and the certificate |
| Business Criticality | Impact of the application and the certificate on the business operations |
| PQC Risk Severity | PQC Risk Severity indicates how severely
a certificate could be impacted by a potential quantum attack.
Based on certificates' validity period, cryptographic algorithm
strength (including key size), and alignment with the
NIST-recommended standards for quantum resilience, this column
displays one of the following values:
|
| Quantum Readiness | Quantum readiness is a measure of an
organization’s preparedness to address the impact of quantum
computing over cryptography. Your certificate infrastructure
will be considered quantum ready when it is deemed capable of
protecting your data, systems, and communication against the
threats posed by quantum computers to today’s encryption
methods. This column in the inventory indicates the quantum readiness of individual certificates using the following values:
|
Understanding the CMDB Status Values [Certificate Scan Inventory]
| Scenario | Condition | CMDB Match Status | Business Criticality / Owner / Business Application Columns |
|---|---|---|---|
| Unique CI found and active | operational_status in (Operational, In Service, Running) | Matched – Fully Enriched | Populate values as in CMDB |
| CI inactive / retired / decommissioned | operational_status in (Retired, Inactive, Decommissioned, Removed) | Matched – Fully Enriched | Populate as in CMDB |
| CI found, but lifecycle fields missing | operational_status or install_status missing | Matched – Fully Enriched | Populate available values |
| CI found, but enrichment fields blank | Fields like Business App, Owner, Criticality missing | Matched – Partially Enriched | Populate available data only |
| Multiple matching CIs found |
Multiple CIs found (Based on sys_updated_on field and taking first entry which is last updated) |
Matched – Fully Enriched | Enrich fields according to the latest data update. |
| No CI found | No CI found | Unmatched | Leave enrichment fields empty |
| CMDB query failed (connectivity/auth/system error) |
Failure to connect to CMDB
(No entry ,log the failure and retain the old data if applicable) |
Leave enrichment fields empty |
Customizing Columns in the Server Certificate Inventory
For the certificate inventory, AppViewX lets you show/hide columns in the certificate inventory based on the data you want to display. Selecting which columns to display lets users focus on relevant data, improves readability, and speeds up analysis and reporting.
To customize the columns in the server certificate inventory:
-
Go to Menu > CLM >
Certificate Inventory >
Server.
The Server Certificate inventory is displayed.
-
From the toolbar, click Columns.
The Columns dialog box is displayed.
-
Select/Clear the checkboxes corresponding to the columns you want to
show/hide in the inventory.
Tip:
- You can also use the Search field to search for the required columns.
- To select all columns, select the Select all checkbox from the dialog box.
- To reset your changes, click Reset to previous column selection.
Note: Columns marked with an * are mandatory for displaying in the inventory and hence cannot be hidden. -
Click Save.
The inventory is updated according to your selection.
Customizing Columns to View PQC Readiness
PQC Readiness is a measure of your organization's preparedness for transitioning to PQC algorithms to resist probable attacks from quantum computers.
| Column | Description |
|---|---|
| PQC Risk Severity | PQC Risk Severity indicates how
severely a certificate could be impacted by a potential
quantum attack. Based on certificates' validity period,
cryptographic algorithm strength (including key size), and
alignment with the NIST-recommended standards for quantum
resilience, this column displays one of the following
values:
|
| Quantum Readiness | Quantum readiness is a measure of an
organization’s preparedness to address the impact of quantum
computing over cryptography. Your certificate infrastructure
will be considered quantum ready when it is deemed capable
of protecting your data, systems, and communication against
the threats posed by quantum computers to today’s encryption
methods. This column in the inventory indicates
the quantum readiness of individual certificates using
the following values:
|
