Configuring Certificate Authorities

Add Certificate Authorities to better categorize and identify if the certificates are coming from approved or unapproved CAs.

Go to Configuration > Approved CAs > New CA and add a .pem file.

Note: We do not support the Binary format. The supported file format for a certificate is Base64 encoded ASCII. We recommend you to convert the file to Base64 encoded ASCII format before uploading.

Once a CA is added all existing and new certificates will be categorized in subsequent scan.

Add new Certificate Authority

Adding a DigiCert API Key

Qualys uses the DigiCert API key to communicate with DigiCert to enroll or renew certificates. You can choose to add an API key to an existing approved DigiCert CA.

To add an API Key to an approved CA in Certificate View

1)  Get your API Key from DigiCert. You can get more information here.

2) Navigate to Configuration > Approved CAs and choose the CA you want to add the API key to.

3) From the Quick Actions menu click View Certificate and in the Information tab of Certificate Details, click the pencil icon next to API Key field.

Add API Key to CA

4) In the API Key field copy the key you got from DigiCert. You can also test if the key is valid before saving the key for this CA.

Test the API Key and Save