Slashdot Mirror


Crawling for Certificates?

flosofl asks: "I work for a large company in the Authentication and Cryptography Group. Recently, we have decided to centralize all management of our certificates. Right now we manage something on the order of 200 certs. We estimate that there may be something on the order of 100-150 certs in our enterprise that we are unaware of/managed locally. What we especially want to eliminate are the 'in house' cert servers that have cropped up here and there. What we need is a tool to crawl the network and discover these certificates. I thought maybe nmap, but could not find any options for this. I am aware of the Certificate Discovery Protocol, but can find nothing other than specification pages and I am not a programmer. We would like some kind of tool that would crawl the networks and discover servers with VeriSign, InstaSSL, and type of certs. We also would like to keep it inexpensive (sub $10,000). Any help would be appreciated."


  1. Dear Sir, by Anonymous Coward · Score: 1, Funny
    We also would like to keep it inexpensive (sub $10,000).
    Is your company hiring?
  2. Re:This is easy by buttahead · Score: 2, Funny

    hell.. I'll crawl under your non-raised floors checking cables for $10,000.

  3. Re:Wrong solution by bigsteve@dstc · Score: 3, Funny
    Simply make it a policy to not use any certificates for company use which are not maintained by you.

    ... and make it a policy that everyone should follow policy :-)