AnsweredAssumed Answered

SSL website scan via VM or WAS?

Question asked by Tom S on Sep 26, 2019
Latest reply on Sep 26, 2019 by Busby

Hi Everyone, 


I am new to Qualys and getting through first hurdles - clean slate, slowly building up my asset collection. 


I am trying to scan several domains and report supported SSL/TLS protocol per domain.


1. In VM library I found SSL Certificates template - since all web sites are load balanced I was thinking to scan using DNS. Apparently I can't use WAS web applications (tags) when creating VM scan as needs to be IP range.


2. Should I recreate SSL Certificates template (QIDs) in WAS as a Search list then use in option profile? I've imported this VM Option Profile as global but not available in WAS.


3. I have no CertView in my Side Menu however when scanned example domain using FQDN and I view result using scan action menu I see below even thought host was Active and scanned:


No data is displayed due to one or more of these reasons:
- There was no data found for this host.
- No host alive.
- One or more hosts are in the Excluded Hosts list.
- Hosts were scanned but no open port was found.


As always there is more than one way to skin a cat. I haven't yet scan my environment enough to build great collection of assets, hosts, domains etc. Trying to do on demand SSL sweep across many websites.

What would be best approach?