取得透過 CertCentral Discovery 掃描找到憑證的所有端點伺服器的總數和清單。依伺服器或搜尋屬性選擇性的篩選結果。
curl -X POST \
https://daas.digicert.com/apicontroller/v1/reports/viewIpPort \
-H 'Content-Type: application/json' \
-H 'X-DC-DEVKEY: {{api_key}}' \
-d '{
"searchCriteriaList": [
{
"key":"serialNumber",
"operation": "EQUALS",
"value": [
"0eb6eab418c873d8f3c031dcdddf18b0"
]
},
{
"key":"ip",
"operation": "EQUALS",
"value": [
"www.itc.com","www.digicert.com","www.cert.com","wmart.com","ph.com"
]
},
{
"key":"port",
"operation": "EQUALS",
"value": [
3389,636,443,80,389,8443
]
},
{
"key":"scanName",
"operation": "EQUALS",
"value": [
"ScanWithAllVul","GtScdlV612Aug19"
]
},
{
"key":"serverSecurity",
"operation": "EQUALS",
"value": [
"NO_VULNERABILITY_FOUND"
]
},
{
"key":"isCertPresent",
"operation": "EQUALS",
"value": [
true
]
},
{
"key":"cn",
"operation": "EQUALS",
"value": [
"www.origin.digicert.com"
]
}
],
"accountId": "126993",
"divisionIds": [],
"startIndex": 1,
"pageSize": 50,
"sortedColumnId": null,
"sortOrder": "ASC"
}'
import requests
url = "https://daas.digicert.com/apicontroller/v1/reports/viewIpPort"
payload = "{\n \"searchCriteriaList\": [\n {\n \"key\": \"serialNumber\",\n \"operation\": \"EQUALS\",\n \"value\": [\n \"0eb6eab418c873d8f3c031dcdddf18b0\"\n ]\n },\n {\n \"key\": \"ip\",\n \"operation\": \"EQUALS\",\n \"value\": [\n \"www.itc.com\",\"www.digicert.com\",\"www.cert.com\",\"wmart.com\",\"ph.com\"\n ]\n },\n {\n \"key\": \"port\",\n \"operation\": \"EQUALS\",\n \"value\": [\n \"3389\",\"636\",\"443\",\"80\",\"389\",\"8443\"\n ]\n },\n {\n \"key\": \"scanName\",\n \"operation\": \"EQUALS\",\n \"value\": [\n \"ScanWithAllVul\",\"GtScdlV612Aug19\"\n ]\n },\n {\n \"key\": \"serverSecurity\",\n \"operation\": \"EQUALS\",\n \"value\": [\n \"NO_VULNERABILITY_FOUND\"\n ]\n },\n {\n \"key\": \"isCertPresent\",\n \"operation\": \"EQUALS\",\n \"value\": [\n \"true\"\n ]\n },\n {\n \"key\": \"cn\",\n \"operation\": \"EQUALS\",\n \"value\": [\n \"www.origin.digicert.com\"\n ]\n }\n ],\n \"accountId\": \"126993\",\n \"divisionIds\": [],\n \"startIndex\": 1,\n \"pageSize\": 50,\n \"sortedColumnId\": null,\n \"sortOrder\": \"ASC\"\n}"
headers = {
'X-DC-DEVKEY': "{{api_key}}",
'Content-Type': "application/json",
}
response = requests.request("POST", url, data=payload, headers=headers)
print(response.text)
package main
import (
"fmt"
"strings"
"net/http"
"io/ioutil"
)
func main() {
url := "https://daas.digicert.com/apicontroller/v1/reports/viewIpPort"
payload := strings.NewReader("{\n \"searchCriteriaList\": [\n {\n \"key\": \"serialNumber\",\n \"operation\": \"EQUALS\",\n \"value\": [\n \"0eb6eab418c873d8f3c031dcdddf18b0\"\n ]\n },\n {\n \"key\": \"ip\",\n \"operation\": \"EQUALS\",\n \"value\": [\n \"www.itc.com\",\"www.digicert.com\",\"www.cert.com\",\"wmart.com\",\"ph.com\"\n ]\n },\n {\n \"key\": \"port\",\n \"operation\": \"EQUALS\",\n \"value\": [\n \"3389\",\"636\",\"443\",\"80\",\"389\",\"8443\"\n ]\n },\n {\n \"key\": \"scanName\",\n \"operation\": \"EQUALS\",\n \"value\": [\n \"ScanWithAllVul\",\"GtScdlV612Aug19\"\n ]\n },\n {\n \"key\": \"serverSecurity\",\n \"operation\": \"EQUALS\",\n \"value\": [\n \"NO_VULNERABILITY_FOUND\"\n ]\n },\n {\n \"key\": \"isCertPresent\",\n \"operation\": \"EQUALS\",\n \"value\": [\n \"true\"\n ]\n },\n {\n \"key\": \"cn\",\n \"operation\": \"EQUALS\",\n \"value\": [\n \"www.origin.digicert.com\"\n ]\n }\n ],\n \"accountId\": \"126993\",\n \"divisionIds\": [],\n \"startIndex\": 1,\n \"pageSize\": 50,\n \"sortedColumnId\": null,\n \"sortOrder\": \"ASC\"\n}")
req, _ := http.NewRequest("POST", url, payload)
req.Header.Add("X-DC-DEVKEY", "{{api_key}}")
req.Header.Add("Content-Type", "application/json")
res, _ := http.DefaultClient.Do(req)
defer res.Body.Close()
body, _ := ioutil.ReadAll(res.Body)
fmt.Println(res)
fmt.Println(string(body))
}
var request = require("request");
var options = { method: 'POST',
url: 'https://daas.digicert.com/apicontroller/v1/reports/viewIpPort',
headers:
{ 'Content-Type': 'application/json',
'X-DC-DEVKEY': '{{api_key}}' },
body:
{ searchCriteriaList:
[ { key: 'serialNumber', operation: 'EQUALS', value: [ '0eb6eab418c873d8f3c031dcdddf18b0' ] },
{ key: 'ip', operation: 'EQUALS', value: [ 'www.itc.com','www.digicert.com','www.cert.com','wmart.com','ph.com' ] },
{ key: 'port', operation: 'EQUALS', value: [ '3389','636','443','80','389','8443' ] },
{ key: 'scanName', operation: 'EQUALS', value: [ 'ScanWithAllVul','GtScdlV612Aug19' ] },
{ key: 'serverSecurity', operation: 'EQUALS', value: [ 'NO_VULNERABILITY_FOUND' ] },
{ key: 'isCertPresent', operation: 'EQUALS', value: [ 'true' ] },
{ key: 'cn', operation: 'EQUALS', value: [ 'www.origin.digicert.com' ] } ],
accountId: '126993',
divisionIds: [],
startIndex: 1,
pageSize: 50,
sortedColumnId: null,
sortOrder: 'ASC' },
json: true };
request(options, function (error, response, body) {
if (error) throw new Error(error);
console.log(body);
});
{
"data": {
"totalCount": 728,
"currentCount": 50,
"onlineIPPortDetailsDTOList": [
{
"commonName": "www.digicert.com",
"port": 443,
"ipAddress": "digicert.com",
"portStatus": null,
"isCertPresent": true,
"serverSecurityRating": "Not secure",
"service": "https",
"devicetype": "Unavailable",
"serverName": "Unavailable",
"serverVersion": "Unavailable",
"scanId": null,
"scanName": "Ray test scan",
"domainName": "digicert.com",
"firstDiscoveredDate": 1563917837971,
"certificateId": "041340bf2a9fb794d30fda13395b314ae67df53d",
"os": "",
"osVersion": null,
"vulnerabilityName": "POODLE (TLS)",
"serverId": 1634548,
"san": "www.digicert.com,ak-dfw01-www.digicert.com,ak-dal01-www.digicert.com,www.dig-cert.com,digicert.com",
"org": "DigiCert, Inc.",
"certExpiryDate": 1581162880000,
"certStatus": "VALID",
"certRating": "Very secure",
"ca": "DigiCert",
"serialNumber": "3abd311ca0530854676aab23"
},
{
"commonName": "*.stackexchange.com",
"port": 443,
"ipAddress": "stackoverflow.com",
"portStatus": null,
"isCertPresent": true,
"serverSecurityRating": "Secure",
"service": "https",
"devicetype": "",
"serverName": "Unavailable",
"serverVersion": "Unavailable",
"scanId": null,
"scanName": "Morpheus",
"domainName": "stackoverflow.com",
"firstDiscoveredDate": 1561409075964,
"certificateId": "390a4684b989444a6d286705acd429415a9c433d",
"os": "",
"osVersion": null,
"vulnerabilityName": "",
"serverId": 1407732,
"san": "*.askubuntu.com,*.blogoverflow.com,*.mathoverflow.net,*.meta.stackexchange.com,*.meta.stackoverflow.com,*.serverfault.com,*.sstatic.net,*.stackexchange.com,*.stackoverflow.com,*.stackoverflow.email,*.superuser.com,askubuntu.com,blogoverflow.com,mathoverflow.net,openid.stackauth.com,serverfault.com,sstatic.net,stackapps.com,stackauth.com,stackexchange.com,stackoverflow.blog,stackoverflow.com,stackoverflow.email,stacksnippets.net,superuser.com",
"org": "",
"certExpiryDate": 1566927383000,
"certStatus": "EXPIRED",
"certRating": "Secure",
"ca": "Let's Encrypt",
"serialNumber": "039980940a562af6fb09e8a984d2a14c6ec9"
}
]
}
}
名稱 | 必填/選填 | 類型 | 說明 |
---|---|---|---|
searchCriteriaList | 選填 | array | 取得指定條件的記錄。 |
.. key | 選填 | string |
搜尋參數。 允許的值: serialNumber ,ip ,port ,scanName ,serverSecurity ,isCertPresent ,cn
|
.. operation | 選填 | string |
搜尋操作。 允許的值: EQUALS
|
.. value | 選填 | array | 搜尋值。 |
accountId | 必填 | string | 帳戶 ID。 |
divisionIds | 選填 | array | 分區 ID。 |
startIndex | 選填 | int |
從指定的索引開始。 預設: 1
|
pageSize | 選填 | int |
每頁的記錄數目。 預設: 50
|
sortedColumnId | 選填 | string |
依指定參數將結果排序。 允許的值: serialNumber ,ip ,port ,scanName ,serverSecurity ,isCertPresent ,cn 預設: isCertPresent
|
sortOrder | 選填 | string |
排序方向。 允許的值: DESC (降冪:9-0, Z-A),ASC (升冪:0-9, A-Z)預設: DESC
|
名稱 | 類型 | 說明 |
---|---|---|
data | object | 容器。 |
.. totalCount | int | 符合搜尋條件的記錄總數。 |
.. currentCount | int | 目前頁面的記錄數目。 |
.. onlineIPPortDetailsDTOList | array | 適用於端點詳細資料的容器。 |
.. .. commonName | string | 端點上找到的憑證的一般名稱。 |
.. .. port | string | 找到憑證的連接埠。 |
.. .. ipAddress | string | 端點的 IP 位址。 |
.. .. portStatus | string | 端點的可用性或連線狀態。 |
.. .. isCertPresent | bool | 端點上是否安裝憑證。 |
.. .. serverSecurityRating | string |
伺服器安全評級 ,基於端點的通訊和安全設定。
|
.. .. service | string |
通訊協定,例如 https 。
|
.. .. deviceType | string | 一般硬體類型 (如果有)。 |
.. .. serverName | string | 伺服器軟體 (如果有)。 |
.. .. serverVersion | string | 伺服器版本 (如果有)。 |
.. .. scanId | string | CertCentral Discovery 掃描的唯一 ID,掃描和擷取用於端點的詳細資料。 |
.. .. scanName | string | 系統管理員提供給 CertCentral Discovery 掃描的易記名稱。 |
.. .. domainName | string | 端點的根網域。 |
.. .. firstDiscoveredDate | string | CertCentral Discovery 掃描第一次找到的日期端點。 |
.. .. certificateId | string | 在端點上所找到用於憑證的 DigiCert 產生的唯一 ID。使用於需要它的 API 要求。 |
.. .. os | string | 作業系統。 |
.. .. osVersion | string | 作業系統版本 (如果有)。 |
.. .. vulnerabilityName | string | 根據已知的端點詳細資料找到的漏洞。 |
.. .. serverId | string | 伺服器 ID (如果有)。 |
.. .. san | string | 端點上找到的憑證上的主體別名。 |
.. .. org | string | 端點上找到的憑證上的組織名稱。 |
.. .. certExpiryDate | string | 端點上找到的憑證的到期日。 |
.. .. certStatus | string |
狀態端點上找到的憑證的 。
|
.. .. certRating | string |
憑證安全評級 ,基於業界標準和憑證的設定。
|
.. .. ca | string | 發行憑證的憑證授權機關。 |
.. .. serialNumber | string | 指派給有關發行的憑證的序號。 |