DigiCert's Secure Site Pro, Secure Site EV, and Secure Site Pro EV products support vulnerability assessments for the domains that your certificate secures. To manage vulnerability assessments with the Services API, use the endpoints in this section.
The following SSL products support vulnerability assessments:
ssl_securesite_pro– Secure Site Pro SSL
ssl_ev_securesite_multi_domain– Secure Site EV Multi-Domain SSL
ssl_ev_securesite_flex– Secure Site EV
ssl_ev_securesite– Secure Site EV SSL
ssl_ev_securesite_pro– Secure Site Pro EV SSL
To scan the domains on a certificate, you must enable vulnerability assessments for the certificate order. Enabling vulnerability assessments queues the eligible domains on the order to be scanned. When the scan is complete, you can download a PDF report with the results of the vulnerability assessment.
By default, the assessment service scans domains on the order once per month for as long as vulnerability assessments are enabled. You can manually queue a domain to be rescanned anytime. To prevent scanning altogether, disable vulnerability assessments for the certificate order.
The vulnerability assessment service only scans the highest-level domains that a certificate secures. The examples in the following table show which domains the service scans for certificates securing domains at different levels:
Example certificate A
|When a certificate secures second- and third-level domains, the service only scans the second-level domains.|
Example certificate B
|When a certificate does not secure a second-level domain, the service scans the subdomain at the next highest level.|
Example certificate C
|When a certificate secures multiple subdomains at the same level, the service scans each of those domains.|
This section includes reference topics for the following operations: