Obtenga la calificación de la seguridad del servidor general y los riesgos y problemas conocidos de la dirección IP encontrada en las exploraciones de CertCentral Discovery. Esta solicitud de terminal le permite a un usuario final explorar o entrecruzar la calificación de la seguridad y todos los elementos pertinentes con que se determina la calificación general.
curl -X POST \
https://daas.digicert.com/apicontroller/v1/sslrating/getServerRating \
-H 'Content-Type: application/json' \
-H 'X-DC-DEVKEY: {{api_key}}' \
-d '{
"ip": "digicert.com",
"port": "443",
"accountId": "126993",
"divisionIds": [],
"scanId": "",
"source": null,
"serverId": "{{SERVER_ID}}"
}'
import requests
url = "https://daas.digicert.com/apicontroller/v1/sslrating/getServerRating"
payload = "{\n \"ip\": \"digicert.com\",\n \"port\": \"443\",\n \"accountId\": \"126993\",\n \"divisionIds\": [],\n \"scanId\": \"\",\n \"source\": null,\n \"serverId\": \"{{SERVER_ID}}\"\n}"
headers = {
'X-DC-DEVKEY': "{{api_key}}",
'Content-Type': "application/json",
}
response = requests.request("POST", url, data=payload, headers=headers)
print(response.text)
package main
import (
"fmt"
"strings"
"net/http"
"io/ioutil"
)
func main() {
url := "https://daas.digicert.com/apicontroller/v1/sslrating/getServerRating"
payload := strings.NewReader("{\n \"ip\": \"digicert.com\",\n \"port\": \"443\",\n \"accountId\": \"\"126993\"\",\n \"divisionIds\": [],\n \"scanId\": \"\",\n \"source\": null,\n \"serverId\": \"{{SERVER_ID}}\"\n}")
req, _ := http.NewRequest("POST", url, payload)
req.Header.Add("X-DC-DEVKEY", "{{api_key}}")
req.Header.Add("Content-Type", "application/json")
res, _ := http.DefaultClient.Do(req)
defer res.Body.Close()
body, _ := ioutil.ReadAll(res.Body)
fmt.Println(res)
fmt.Println(string(body))
}
var request = require("request");
var options = { method: 'POST',
url: 'https://daas.digicert.com/apicontroller/v1/sslrating/getServerRating',
headers:
{ 'Content-Type': 'application/json',
'X-DC-DEVKEY': '{{api_key}}' },
body: '{"ip":digicert.com,"port":443,"accountId":"126993","divisionIds":[],"scanId":,"source":null,"serverId":{{SERVER_ID}}}' };
request(options, function (error, response, body) {
if (error) throw new Error(error);
console.log(body);
});
{
"data": {
"categories": [
{
"name":"ServerTlsCategory",
"criteria":[
{
"name":"CipherAlgKeyLength",
"value":"256",
"issues":null,
"colorCode":null,
"message":null,
"data":null,
"suggestion":null,
"kbLink":null
},
{
"name":"CipherAlgorithm",
"value":"AES",
"issues":null,
"colorCode":null,
"message":null,
"data":null,
"suggestion":null,
"kbLink":null
},
{
"name":"TransportLayerSecurity",
"value":"TLSv1.2,TLSv1",
"issues":null,
"colorCode":null,
"message":null,
"data":null,
"suggestion":null,
"kbLink":null
}
]
},
{
"name":"SecurityHeadersCategory",
"criteria":[
{
"name":"Strict-Transport-Security",
"value":"",
"issues":"true",
"colorCode":2,
"message":"Missing security header.",
"data":null,
"suggestion":null,
"kbLink":null
},
{
"name":"Content-Security-Policy",
"value":"",
"issues":null,
"colorCode":null,
"message":"Missing security header.",
"data":null,
"suggestion":null,
"kbLink":null
},
{
"name":"X-Content-Type-Options",
"value":"",
"issues":null,
"colorCode":null,
"message":"Missing security header.",
"data":null,
"suggestion":null,
"kbLink":null
},
{
"name":"Feature-Policy",
"value":"",
"issues":null,
"colorCode":null,
"message":"Missing security header.",
"data":null,
"suggestion":null,
"kbLink":null
},
{
"name":"Referrer-Policy",
"value":"",
"issues":null,
"colorCode":null,
"message":"Missing security header.",
"data":null,
"suggestion":null,
"kbLink":null
},
{
"name":"X-Frame-Options",
"value":"SAMEORIGIN",
"issues":null,
"colorCode":null,
"message":null,
"data":null,
"suggestion":null,
"kbLink":null
},
{
"name":"X-XSS-Protection",
"value":"",
"issues":null,
"colorCode":null,
"message":"Missing security header.",
"data":null,
"suggestion":null,
"kbLink":null
},
{
"name":"Public-Key-Pins",
"value":"",
"issues":null,
"colorCode":null,
"message":"Missing security header.",
"data":null,
"suggestion":null,
"kbLink":null
},
{
"name":"Expect-CT",
"value":"",
"issues":null,
"colorCode":null,
"message":"Missing security header.",
"data":null,
"suggestion":null,
"kbLink":null
},
{
"name":"Location",
"value":"",
"issues":null,
"colorCode":null,
"message":null,
"data":null,
"suggestion":null,
"kbLink":null
},
{
"name":"Status",
"value":"200 OK",
"issues":null,
"colorCode":null,
"message":null,
"data":null,
"suggestion":null,
"kbLink":null
},
{
"name":"X-Permitted-Cross-Domain-Policies",
"value":"",
"issues":null,
"colorCode":null,
"message":"Missing security header.",
"data":null,
"suggestion":null,
"kbLink":null
}
]
},
{
"name":"HttpResponseHeadersCategory",
"criteria":[
{
"name":"HttpResponseHeaders",
"value":"",
"issues":null,
"colorCode":null,
"message":null,
"data":[
{
"name":"Version",
"value":"HTTP/1.1",
"issues":null,
"colorCode":null
},
{
"name":"Status",
"value":"200 OK",
"issues":null,
"colorCode":null
},
{
"name":"Server",
"value":"Apache/2.4.39 (Unix) Communique/4.2.3",
"issues":null,
"colorCode":null
},
{
"name":"Access-Control-Allow-Origin",
"value":"*",
"issues":null,
"colorCode":null
},
{
"name":
"Access-Control-Allow-Methods",
"value":"GET,POST~GET,POST",
"issues":null,
"colorCode":null
},
{
"name":"Connection",
"value":"keep-alive",
"issues":null,
"colorCode":null
},
{
"name":"Pragma",
"value":"no-cache",
"issues":null,"colorCode":null
},
{
"name":"Last-Modified",
"value":"Mon, 13 May 2019 08:57:02 GMT",
"issues":null,
"colorCode":null
},
{
"name":"Date",
"value":"Mon, 13 May 2019 09:06:26 GMT",
"issues":null,
"colorCode":null
},
{
"name":"Access-Control-Allow-Headers",
"value":"X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding",
"issues":null,
"colorCode":null
},
{
"name":"Accept-Ranges",
"value":"bytes",
"issues":null,
"colorCode":null
},
{
"name":"Cache-Control",
"value":"no-cache, no-store, must-revalidate~private, max-age=604800",
"issues":null,
"colorCode":null
},
{
"name":"ETag",
"value":"\"43ef6-588c119939675\"",
"issues":null,
"colorCode":null
},
{
"name":"Set-Cookie",
"value":"AKA_A2=A; expires=Mon, 13-May-2019 10:06:26 GMT; path=/; domain=symantec.com; secure; HttpOnly",
"issues":null,
"colorCode":null
},
{
"name":"Set-Cookie",
"value":"spk=1894745231; path=/; secure",
"issues":null,
"colorCode":null
},
{
"name":"Expires",
"value":"0",
"issues":null,
"colorCode":null
},
{
"name":"Content-Length",
"value":"276799",
"issues":null,
"colorCode":null
},
{
"name":"Access-Control-Max-Age",
"value":"1000~1000",
"issues":null,
"colorCode":null
},
{
"name":"Link",
"value":"<https://web-analytics.example.m>;rel=\"preconnect\",<https://j.web.m>;rel=\"preconnect\",<https://nxs.example.com>;rel=\"preconnect\",<https://tracker.mrexample.m>;rel=\"preconnect\"",
"issues":null,
"colorCode":null
},
{
"name":"Content-Type",
"value":"text/html; charset=utf-8",
"issues":null,
"colorCode":null
}
],
"suggestion":null,
"kbLink":null
}
]
}
],
"rating":"Not secure",
"certChainInfo":{
"certChainId":4752752,
"noOfCertChainFound":2,
"status":"Invalid-certificate is expired",
"isSelfSigned":false,
"certChainDetails":{
"certChainDetailsList":[
{
"certDetailsList":[
{
"status":"Valid",
"expirationDate":1855828800000,
"keyAlgorithm":"RSA2048",
"algorithmType":"SHA256withRSA",
"issueDate":1382443200000,
"issuerDN":"CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US",
"subject":null,
"errors":null
},
{
"status":"Expired",
"expirationDate":null,
"keyAlgorithm":null,
"algorithmType":null,
"issueDate":null,
"issuerDN":null,
"subject":"CN=www.exampleca.com,OU=Corp Mktg & Comms - Online Exp,O=Symantec Corporation,L=Mountain View,ST=California,C=US,2.5.4.5=#130732313538313133,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553,2.5.4.15=#0c1450726976617465204f7267616e697a6174696f6e(end-entity)",
"errors":[
"This certificate has expired. Replace the expired certificate with a valid certificate."
]
}
],
"overallStatus":"Primary Chain (Invalid- certificate is expired)",
"isAdditionalCertChain":null,
"isValidChain":false
}
]
}
},
"criticalTlsIssues":[],
"nonCriticalTlsIssues":[],
"protocolCiphersInfoList":[],
"serverConfigList":[
{
"protocol":"TLSv1.2",
"keySize":128,
"cipherAlgorithm":"AES"
}
],
"tlsIssuesFound":false,
"vulnerabilityScanEnabled":false
}
}
Nombre | Solicitud/opción | Tipo | Descripción |
---|---|---|---|
ip | obligatorio | string | Dirección IP del terminal del cual desea obtener una calificación. |
port | obligatorio | string | Puerto del terminal del cual desea obtener una calificación. |
accountId | obligatorio | string | Id. de cuenta. |
divisionIds | opcional | array | Id. de división. |
scanId | opcional | string |
Id. única para la exploración de CertCentral Discovery con que se exploró y se recuperó la información del terminal. Obligatorio si scanName el filtro se aplica a la vista de un terminal o si un usuario navega hacia la vista de un certificado desde la información de la exploración.
|
source | opcional | string | Se redirige al usuario desde este nombre de exploración. |
serverId | opcional | string | Id. del servidor, si está disponible. |
Nombre | Tipo | Descripción |
---|---|---|
data | object | Contenedor. |
.. categories | array | Contenedor para el criterio de evaluación con que se determina la calificación de la seguridad. |
.. .. name | string | Nombre de la categoría evaluada. |
.. .. criteria | array | Contenedor para la información con que se determina la calificación de la seguridad. |
.. .. .. name | string | Criterio de evaluación. |
.. .. .. value | string | Valor del criterio. |
.. .. .. issues | bool | Si los problemas conocidos existen para este criterio. |
.. .. .. colorCode | string |
Nivel de advertencia. Posibles valores: 1 =en riesgo (alto), 2 =advertencia (medio), null .
|
.. .. .. message | string | Resumen. |
.. .. .. data | array | Contenedor para las subcategorías. |
.. .. .. .. name | string | Criterio de evaluación. |
.. .. .. .. value | string | Valor del criterio. |
.. .. .. .. issues | bool | Si los problemas conocidos existen para este criterio. |
.. .. .. .. colorCode | string |
Nivel de advertencia. Posibles valores: 1 =en riesgo (alto), 2 =advertencia (medio), null .
|
.. .. .. suggestion | string | Información o solución. |
.. .. .. kbLink | string | Enlace a la información adicional. |
.. rating | string |
Calificación de la seguridad del servidor , de acuerdo con las configuraciones de comunicación y seguridad del terminal.
|
.. certChainInfo | object | Contenedor para la información del certificado de la CA intermedia. |
.. .. certChainId | string | Id. de la cadena del certificado. |
.. .. noOfCertChainFound | int | Número de cadenas de certificados encontradas. |
.. .. status | string | Estado de la cadena. |
.. .. isSelfSigned | bool | Si la cadena tiene firma automática. |
.. .. certChainDetails | object | Contenedor de la información de la cadena del certificado. |
.. .. .. certChainDetailsList | array | Contenedor de la información de la cadena del certificado. |
.. .. .. .. certDetailsList | array | Información de los certificados intermedio o raíz. |
.. .. .. .. .. status | string | Estado del certificado. |
.. .. .. .. .. expirationDate | string | Fecha de vencimiento. |
.. .. .. .. .. keyAlgorithm | string | Algoritmo de cifrado. |
.. .. .. .. .. algorithmType | string | Tipo de SHA. |
.. .. .. .. .. issueDate | string | Fecha de emisión. |
.. .. .. .. .. issuerDN | string | Nombre del emisor. |
.. .. .. .. .. subject | string | Sujeto del certificado. |
.. .. .. .. .. errors | array | Mensajes de error. |
.. .. .. .. overallStatus | string | Estado de la cadena del certificado general. |
.. .. .. .. isAdditionalCertChain | bool | Si se descubre un certificado que no sea el de la cadena de certificados prevista. |
.. .. .. .. isValidChain | bool | Si la cadena es válida. |
.. criticalTlsIssues | array | Problemas críticos relacionados con la implementación de TLS en el terminal. |
.. nonCriticalTlsIssues | array | Problemas que no son críticos y que están relacionados con la implementación de TLS en el terminal. |
.. protocolCiphersInfoList | array | Conjuntos de cifrado presentes en el terminal. |
.. serverConfigList | object | Configuración de seguridad de la comunicación del servidor. |
.. .. protocol | string | Protocolo de seguridad de comunicación. |
.. .. keySize | string | Tamaño de la clave de cifrado. |
.. .. cipherAlgorithm | string | Algoritmo de cifrado. |
.. tlsIssuesFound | bool | Si existen problemas de TLS en el terminal o no. |
.. vulnerabilityScanEnabled | bool | Si la exploración de vulnerabilidad está activada en el terminal o no. |