Add Certificate Authorities to better categorize and identify if the certificates are coming from approved or unapproved CAs.
Go to Configuration > Approved CAs > New CA and add a .pem file.
Note: We do not support the Binary format. The supported file format for a certificate is Base64 encoded ASCII. We recommend you to convert the file to Base64 encoded ASCII format before uploading.
Once a CA is added all existing and new certificates will be categorized in subsequent scan.
Qualys uses the DigiCert API key to communicate with DigiCert to enroll or renew certificates. You can choose to add an API key to an existing approved DigiCert CA.
1) Get your API Key from DigiCert. You can get more information here.
2) Navigate to Configuration > Approved CAs and choose the CA you want to add the API key to.
3) From the Quick Actions menu click View Certificate and in the Information tab of Certificate Details, click the pencil icon next to API Key field.
4) In the API Key field copy the key you got from DigiCert. You can also test if the key is valid before saving the key for this CA.