GET: TLS/SSL Certificates Finding Details – Bitsight Knowledge Base

https://api.bitsighttech.com/ratings/v1/companies/company_guid/findings?risk_vector=ssl_certificates

Get an organization’s TLS/SSL Certificates finding details.

Parameters
Example Request
Example Response
Response Attributes

Parameters

For details specific to TLS/SSL Certificates, use the ?risk_vector=ssl_certificates parameter. Other query parameters are listed in GET: Finding Details.

Example Request

curl https://api.bitsighttech.com/ratings/v1/companies/a940bb61-33c4-42c9-9231-c8194c305db3/findings?risk_vector=ssl_certificates -u api_token:

Example Response

{
  "links":{
    "next":"https://api.bitsighttech.com/ratings/v1/companies/a940bb61-33c4-42c9-9231-c8194c305db3/findings?limit=100&offset=100&risk_vector=ssl_certificates",
    "previous":null
  },
  "count":1235,
  "results":[
    {
      "temporary_id":"A1Aa11AAaa11a111aa111aa11a111a11aa11a111aa",
      "affects_rating":true,
      "assets":[ ],
      "details":{
        "cvss":{
          "base":[ ]
        },
        "check_pass":"",
        "diligence_annotations":{
          "sampleName":"11.1.111.111:443",
          "certchain":[
            {
              "dnsName":[ ],
              "endDate":"2031-11-10 00:00:00",
              "issuerName":"C=US,O=CertIssuer Inc,OU=www.certissuer.com,CN=CertIssuer Global Root CA",
              "keyAlgorithm":"RSA",
              "keyLength":2048,
              "serialNumber":"11111111111111111111111111111111111111",
              "signatureAlgorithm":"SHA1WITHRSA",
              "startDate":"2006-11-10 00:00:00",
              "subjectName":"C=US,O=CertIssuer Inc,OU=www.certissuer.com,CN=CertIssuer Global Root CA"
            }
          ],
          "previouslyObserved":{
            "2023-03-19":[
              "222.22.22.222:443"
            ]
          }
        },
        "final_location":"https://333.33.333.33/",
        "geo_ip_location":"A1",
        "country":"Demo Country 1",
        "grade":"GOOD",
        "observed_ips":[
          "44.44.444.44:443"
        ],
        "remediations":[ ],
        "sample_timestamp":"2023-03-28T23:35:12Z",
        "vulnerabilities":[ ],
        "dest_port":0,
        "rollup_end_date":"2023-03-28",
        "rollup_start_date":"2022-10-08",
        "searchable_details":"12312312312312312312312312312312312312,32132132132132132132132132132132132121,5555555555555555555555555555555555555,C=GB,ST=Greater Manchester,L=Salford,O=Sectigo Limited,CN=Sectigo RSA Extended Validation Secure Server CA,C=US,ST=New Jersey,L=Jersey City,O=The USERTRUST Network,CN=USERTrust RSA Certification Authority,C=US,ST=New Jersey,L=Jersey City,O=The USERTRUST Network,CN=USERTrust RSA Certification Authority"
      },
      "evidence_key":"example.site.com",
      "first_seen":"2022-10-08",
      "last_seen":"2023-03-28",
      "related_findings":[ ],
      "risk_category":"Diligence",
      "risk_vector":"ssl_certificates",
      "risk_vector_label":"SSL Certificates",
      "rolledup_observation_id":"bB2bBBBBBbBBbb2BbbBbBb==",
      "severity":1.0,
      "severity_category":"minor",
      "tags":[
        "Guest WiFi"
      ],
      "remediation_history":{
        "last_requested_refresh_date":"2024-06-19",
          "last_refresh_status_date":"2024-06-23",
          "last_refresh_status_label":"failed",
        "last_refresh_status_reason": "asset_not_found",
          "last_refresh_reason_code":"asset unreachable",
          "last_refresh_requester": "1e10564d-fawa-4331-0000-6f7588b55a98",
        "result_finding_date": null
      },
      "asset_overrides":[ ],
      "duration":null,
      "comments":null,
      "remaining_decay":58,
      "remediated":null
    }
  ]
}

Response Attributes

Field							Description
links Object							Navigation for multiple pages of results. See pagination.
	next String						The URL for navigating to the next page of results.
	previous String						The URL for navigating to the previous page of results.
count Integer							The number of findings.
results Array							Finding objects.
	Object						A finding.
		temporary_id String					A temporary identifier for this finding.
		affects_rating Boolean					`true` = This finding has an impact on the risk vector letter grade.
		assets Array					Assets relating to this finding.
		details Object					Finding details.
			cvss Object				If the finding has an associated vulnerability, the CVSS score is listed below.
				base Array			CVSS scores of vulnerabilities associated with this finding.
			check_pass String				For internal Bitsight use.
			diligence_annotations Object				Diligence finding details.
				sampleName String			The IP/CIDR range.
				certchain Array			Certificate chain details.
					Object		A certificate in the chain.
						dnsName Array	Domains within this chain.
						endDate String [`YYYY-MM-DD HH:MM:SS`]	The date when this certificate expires.
						issuerName String	The distinguished name of the certificate issuer, made up of attribute assertion values.
						keyAlgorithm String	The algorithm used to encrypt and decrypt messages.
						keyLength Integer	The bit strength of this key. See the recommended TLS/SSL key length.
						serialNumber Integer	The serial number of this certificate.
						signatureAlgorithm String	The signing algorithm used in this certificate.
						startDate String [`YYYY-MM-DD HH:MM:SS`]	The date when this certificate started.
						subjectName String	The distinguished name of the owner of the certificate, made up of attribute assertion values.
				previouslyObserved Object			Previously observed IPs/CIDRs on particular dates.
					Date [`YYYY-MM-DD`] Array		IP/CIDRs on the displayed date.
			final_location String				The URL.
			geo_ip_location String				A 2-letter ISO country code indicating the finding’s country of origin.
			country String				The finding’s country of origin.
			grade String				The finding grade.
			observed_ips Array				All observed IP sources.
			attributed_observed_ips Array				My company's attributed IP sources.
			remediations Array				Information about the finding and instructions to remediate it.
			sample_timestamp String [`YYYY-MM-DDTHH:MM:SSZ`]				The date and time when this finding was observed.
			vulnerabilities Array				Vulnerability details.
			dest_port Integer				A compromised device was observed to be sending traffic from this port.
			rollup_end_date String [`YYYY-MM-DD`]				The date when this finding was last observed.
			rollup_start_date String [`YYYY-MM-DD`]				The date when this finding was first observed.
			searchable_details String				Certificate details.
		evidence_key String					The asset attributed to the finding.
		first_seen String [`YYYY-MM-DD`]					The date when this observation was first seen.
		last_seen String [`YYYY-MM-DD`]					The date when this observation was last seen.
		related_findings Array					Related findings and their details.
		risk_category String					The risk category of this finding.
		risk_vector String					The slug name of this risk vector.
		risk_vector_label String					The display name of this risk vector.
		rolledup_observation_id String					A stable and randomized identifier for findings. It is assigned to a finding when one or more observations with largely similar key properties occur in close succession.
		severity Decimal					The finding severity, which is the measured risk that this finding introduces.
		severity_category String					The finding severity slug name.
		tags Array					Infrastructure tags that identify this asset.
		remediation_history Object					If `?expand=remediation_history` parameter is set, the remediation history of the finding is included.
			last_requested_refresh_date String [`YYYY‑MM‑DD`]				The date when a finding rescan that included this finding was last requested.
				last_refresh_status_date String [`YYYY‑MM‑DD`]			The date when a rescan of the remediation status of this finding was last requested.
				last_refresh_status_label String			The current rescan status of this finding.
			last_refresh_status_reason String				The rescan status.
				last_refresh_reason_code String			The reason code for the rescan status.
				last_refresh_requester String [`user_guid`]			The unique identifier of the user who requested the rescan.
			result_finding_date String [`YYYY-MM-DD`]				The first seen date of the finding that resulted from the rescan, if applicable.
		asset_overrides Array					User-assigned asset importance details.
		duration Integer					Not applicable to TLS/SSL Certificate findings.
		comments String					Finding comments.
		remaining_decay Integer					The remaining finding lifetime.
		remediated Null

February 28, 2025: Added last_refresh_status_reason, last_refresh_reason_code, last_refresh_requester, and result_finding_date response attributes.
February 14, 2025: Added attributed_observed_ips response attribute.
March 31, 2023: Published.

Parameters

Example Request

Example Response

Response Attributes

Related articles