How inventory of certificates via WMI works

Last updated on: October 18th, 2021

vScope can be used to discover certificates in the local cert store on a machine. For this, vScope uses the WinRM protocol in the WMI probe.

There are two options relevant to the certificate inventory in the WMI credential’s advanced options:

Following are descriptions of how these two options works.

#1 Ignore certificates in the personal store

With this disabled, vScope retrieves all certificates located in localMachine/my folder and all of its recursive certificates.

#2 Ignore IIS sites and connected certificates

With this disabled, vScope retrieves IIS Sites, applications, application pools, services, versions, virtualDirs, bindings, SSL bindings, and certificates. These certificates are located in the folder localMachine/my folder and the option retrieves the same certificates as the above option, but without its recursive certificates.

If the #1 option is enabled, but the second one is disabled, vScope will still retrieve the certificates located in the personal store.