Frequently Asked Questions

Entrust Discovery

  1. Will this solution only find SSL certificates?
  2. Since management of Entrust certificates are free, how do I get credited for my used license when I switch an non-Entrust managed certificate to an Entrust certificate?
  3. Is there a functional difference between the Cloud model and the Premises model or is it the same software?
  4. Why do I have to install the Discovery Agent on my (customer) premises?
  5. Which O/S’s will the Discovery Agent run on?
  6. Do I need to back up the Agent?

  1. Will this solution only find SSL certificates?
    Entrust Discovery will find any certificate exposed to a network service. Ie. If it is protecting an IP address on a port, we will be able to detect it. This includes SSL certificates, device certificates, etc
  2. Since management of Entrust certificates are free, how do I get credited for my used license when I switch an non-Entrust managed certificate to an Entrust certificate?
    You must switch to an Entrust certificate, and then re-run the Discovery Agent, and ensure the results are imported into the Manager. The Manager will detect that a replacement occurred and credit the license count at that time.
  3. Is there a functional difference between the Cloud model and the Premises model or is it the same software?
    The Cloud model offers single sign-on, and has a few less items to configure (email sender, licensing), but otherwise is the same product.
  4. Why do I have to install the Discovery Agent on my (customer) premises?
    In order to be able to query your internal IP addresses, the source of the query needs to reside in your premises. By installing the Discovery Agent in your premises, you are able to discover both your internal and external facing certificates.
  5. Which O/S’s will the Discovery Agent run on?
    Discovery Agent will run on Linux Red Hat 5.5+, and on Windows (XP, 7, 2003, 2008 32 and 64 bit).
  6. Do I need to back up the Agent?
    No. If you uninstall the Agent or lose the machine it’s running on, you can always reinstall an Agent and rerun scans. The most you would lose is your saved scans and any data that has been discovered but not yet uploaded to the Manager. If you are planning on removing the Agent, be sure to export to the Manager first.