Keeping a record of domain certificates is a crucial aspect of maintaining a robust cybersecurity posture and protecting an organization's assets, reputation, and operations against downtime and malicious behavior.
Certificates are also important from a compliance perspective. Organizations must demonstrate due diligence and accountability in the event of a security incident to protect the company from potential legal liability and regulatory action.
Search for Certificates
From the left navigation menu, select Advanced Query Builder > Domain Queries > Certificates.
Specify a domain.
(Optional) Check with_metadata to include metadata.
(Optional) Specify a date in date_min for certificates issued on or after that date.
(Optional) Specify a date in date_max for certificates issued on or before that date.
(Optional) Set a limit to control the number of results.
(Optional) Choose job_id for immediate results or result to wait for longer queries.
(Optional) Enter a domain_regex (valid re2 regex) to override the domain parameter.
(Optional) Specify cert_issuer with wildcards for issuer filtering.
(Optional) Set skip to skip results or max_wait for timeout in seconds.
Click Search.
Save Queries
Organizational users can save queries for future use or sharing.
Specify query parameters.
Click Save Query.
Provide a Name and Description for context.
Click Save. The query appears in Private Queries.
This ensures compliance and detects fake certificates in phishing campaigns.