Gather SSL Certificates for integration to BMC Discovery. This is the Community Edition.

getCert CE - SSL Certificates for BMC Discovery

Copyright 2021 Traversys Limited

License Apache License 2.0
Version 1.7.0 (ED-209)

Overview

Traversys getCert is an extension to BMC Discovery. It operates independently of Discovery scans, either in a Docker container or as a standalone script. getCert non-invasively collects information about externally facing SSL certificates (accessible via open web/application ports) across your data center infrastructure.

getCert triggers an event to Discovery via the API, which contains a temporary key to unlock the encrypted capture data stored with the getCert application files. The getCert pattern module then triggers on the event and scans the getCert data source to retrieve and build a list of certificate Detail nodes. If any SoftwareInstances match the certificate IP or common name and port, getCert will automatically attempt to map the Detail to the SI. Alternatively, for other network devices, getCert will map directly to the device node.

getCert comes with a beta CMDB sync pattern which follows the schema of BMC's TLS Certificate OOTB mappings - and will sync any SSL Certificate details mapped directly to a SoftwareInstance to BMC_Document.

getCert is highly configurable, with the option to scan subnets, websites, DNS hostnames or IP addresses, and the discovered data can be added to the model in different ways with custom extensions.

Quickstart

  1. Install and configure Docker
  2. Run docker build --tag getcert --progress=plain -f dockerbuild/Dockerfile .
  3. Make a note of the password generated by the build script
  4. Start up the container:
       docker run -t -d -p 2222:22 --name getCert -v ${PWD}:/opt/Traversys/getCert getcert:latest
  5. Access the shell: docker exec -it getCert /bin/bash
  6. Navigate to /opt/Traversys/getCert
  7. Run the installation script: python3 install.py
  8. Run getCert:
       $ screen
       $ python3 /opt/Traversys/getCert/getcert.py --instance <Discovery URL/IP> --config /opt/Traversys/getCert/config.ini

Scan Modes

getCert runs in the background and exports details to an encrypted data file.

There are 3 modes, which are set in the config file:

  1. Scan for SSL Certificates on the test ips/subnet string
  2. Scan for a list of ips/subnets in the specified input file
  3. Run the query (appliance login needed) to export a list of ips/subnets
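
For modes 1 and 2, it helps to review exactly which hosts an ips/subnet string covers before a scan runs. The sketch below is an added example, not getCert's own code: the `expand_targets` name, the comma/whitespace separators and the per-subnet size cap are assumptions, not getCert settings.

```python
import ipaddress

MAX_HOSTS_PER_SUBNET = 1024  # assumed review cap, not a getCert setting


def expand_targets(scope, max_hosts=MAX_HOSTS_PER_SUBNET):
    """Expand a scope string into (targets, rejected).

    targets keeps first-seen order; rejected holds (entry, reason) pairs.
    """
    targets, rejected, seen = [], [], set()

    def add(value):
        if value not in seen:
            seen.add(value)
            targets.append(value)

    def is_hostname(name):
        labels = name.split(".")
        return all(
            l and len(l) <= 63 and l.isascii() and l.replace("-", "").isalnum()
            and not l.startswith("-") and not l.endswith("-")
            for l in labels
        )

    for entry in scope.replace(",", " ").split():
        try:
            # Strict parsing: "10.0.0.5/24" (host bits set) is refused
            net = ipaddress.ip_network(entry)
        except ValueError:
            name = entry.rstrip(".").lower()
            if is_hostname(name):
                add(name)
            else:
                rejected.append((entry, "not a valid IP, subnet or hostname"))
            continue
        if net.num_addresses > max_hosts:
            rejected.append((entry, f"{net.num_addresses} addresses exceeds cap"))
            continue
        # hosts() omits network/broadcast addresses; fall back for a single IP
        for host in list(net.hosts()) or [net.network_address]:
            add(str(host))
    return targets, rejected


if __name__ == "__main__":
    # Constructed sample scope using documentation address ranges
    sample = "192.0.2.0/30, 192.0.2.1 198.51.100.7 www.example.com 10.0.0.0/8 bad_host!"
    print(expand_targets(sample))
```

Entries in `rejected` are worth resolving by hand, since an oversized or mistyped subnet is the usual way a certificate inventory scan leaves its intended scope.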

Full Documentation: https://traversys.github.io/getCert_CE/