About the Certificate Inventory
Table of Contents
Expand all | Collapse all
-
- Activate Next-Generation Trust Security
-
-
- Configure AWS connection
- Configure Azure Key Vault connection
-
- Workload Identity Federation authentication
- Workload Identity Federation - Azure Identity Provider authentication
- Next-Gen Trust Security Generated Key authentication
- User permissions
- Workload Identity Federation authentication
- Next-Gen Trust Security Generated Key authentication
- User permissions
- Supported OIDC claims
-
-
-
-
- Create an F5 BIG-IP LTM machine
- Create a Microsoft Azure Private Key Vault machine
- Create a Microsoft IIS machine
- Create a Microsoft Windows (PowerShell) machine
- Create a Microsoft SQL Server machine
- Create a Common KeyStore machine
- Create a Citrix ADC machine
- Create an Imperva WAF machine
- Create a VMware NSX Advanced Load Balancer (AVI) machine
- Create an A10 Thunder ADC machine
- Create a Cloudflare machine
- Create Kemp Virtual LoadMaster machine
- Create a Palo Alto Panorama machine
-
- Provision to an F5 BIG-IP LTM
- Provision to a Microsoft Azure Private Key Vault
- Provision to Microsoft IIS
- Provision to Microsoft Windows (PowerShell)
- Provision to Microsoft SQL Server
- Provision to a Common KeyStore
- Provision to a Citrix ADC
- Provision to an Imperva WAF
- Provision to VMware NSX Advanced Load Balancer (AVI)
- Provision to an A10 Thunder ADC
- Provision to Cloudflare
- Provision to a Kemp Virtual LoadMaster
- Provision to Palo Alto Panorama
-
-
- 47-Day Validity Readiness TLS Certificates dashboard
- About the Certificate Inventory
- Managing certificate lifecycle settings
- Reissuing certificates in Next-Gen Trust Security
- Downloading certificates, certificate chains, and keystores
- Retiring, recovering, and deleting certificates
- Finding certificates in the certificate inventory
- Importing certificates from a CA using EJBCA
- Notification Center overview
- Domain-based validation for external emails
- Managing user accounts
- Troubleshooting
About the Certificate Inventory
The Certificate Inventory provides a centralized view of all certificates managed in Next-Gen Trust Security. As your certificate inventory grows, search and filtering tools help you quickly locate certificates and review their status and details.
You can select any certificate in the inventory to view its details and take supported actions.
Note: Only certificates stored in the Inventory are included in certificate counts. Certificate counts shown throughout the UI reflect only certificates present in the inventory, ensuring consistency across views.
Summary View TLS Certificates dashboard
The Summary View TLS Certificates dashboard provides a high-level overview of certificate metrics based on your access permissions.
The Summary View displays the following metrics:
- Total number of certificates in the inventory
- Expired certificates
- Revoked certificates
- Certificates expiring within 15 days
- Certificates not assigned to an application
Certificate details drawer
When you click a certificate, a details drawer opens on the right side of the screen. The drawer displays detailed information about the selected certificate while keeping the inventory visible.
Clicking a linked value in the inventory opens the corresponding tab within the drawer. Use the X in the top-right corner to close the drawer.
Column menu
Use the Columns button to control which columns are visible in the inventory.
For visible columns, hover over a column name to access the column menu (three-dot icon).
What does each column type mean?
| Term | Definition |
|---|---|
| Actions | Supported operations available for the certificate. |
| Applications | Applications associated with the certificate. |
| CA Connection | The certificate authority connection used to issue the certificate. |
| Certificate Name | The name assigned to the certificate. |
| Checkbox selection | Selects one or more certificates for bulk actions. |
| Cloud Keystore | The cloud keystore where the certificate is stored. |
| Cloud Provider | The cloud provider hosting the certificate. |
| Errors | Critical issues detected for the certificate. |
| Expires In | Remaining time before certificate expiration. |
| Extended Key Usage | Intended purposes of the certificate key. |
| Fingerprint | Cryptographic hash used to uniquely identify the certificate. |
| Id | Unique identifier for the certificate record. |
| Imported From | Source used to import the certificate. |
| Issuing CA | Certificate authority that issued the certificate. |
| Key Strength & Type | Cryptographic algorithm and key size. |
| Managed Since | Date the certificate began being managed. |
| Origins | How the certificate was obtained (issued, imported, or discovered). |
| Revocation Date | Date the certificate was revoked. |
| Revocation Reason | Reason provided when revoking the certificate. |
| Revocation Status | Current revocation state as reported by the issuing CA. |
| Signature Hash Algorithm | Hash algorithm used to sign the certificate. |
| Tags | User-defined labels for organizing certificates. |
| TLS Server Endpoints | TLS endpoints using this certificate. |
| Validity (Days) | Total validity period of the certificate. |
| Warnings | Non-critical issues or risks detected for the certificate. |
For most columns, you can:
- Filter certificates by column value.
- Sort visible records by the column.
- Pin a column to the left or right for easier navigation.
- Show or hide columns to customize your view.
Tip: Sorting applies only to the certificates currently visible. Apply filters first if the inventory spans multiple pages.
Searching and filtering
Use the Search field to locate certificates by values such as certificate name, subject DN, issuer DN, or SANs.
The Filters option lets you build advanced queries across multiple columns. Filter settings are reflected in the page URL, allowing you to bookmark commonly used views or share filtered links with colleagues.
For detailed guidance, see Using filters to find certificates.
Display settings
Use Columns to control visible fields and Density to adjust row spacing in the inventory.
Export
Use Export to download the currently visible inventory data, including column headers, as a CSV file.
Certificate actions
From the Certificate Inventory, you can perform common certificate lifecycle actions, including: