The TLS/SSL Certificates risk vector now uses the Certificate Serial Number as the finding identifier. The evidence_key
value in GET: TLS/SSL Certificates Finding Details [/v1/companies/company_guid/findings?risk_vector=ssl_certificates
] API also replaces the IP/domain with the Certificate Serial Number.
This change is prompted by the observation that the current IP/domain identifier can sometimes be misleading, as it does not precisely identify the certificate in question.
To continue incorporating IP/domain information into your internal processes:
- Refer to the
details.diligence_annotations.certchain.dnsName
field for the Bitsight API.
Feedback
0 comments
Please sign in to leave a comment.