I'd like to use QID 86002 data to verify certificates are installed correctly.
If Qualys is only obtaining the certificate information via a TCP connect then that's fine, I know all the data suits my needs.
However, if Qualys is also gathering certificate information by logging into the device then I have 2 concerns:
1) How can we be sure that the certificate is actually used
2) If we can't be sure, then are records found using this method differentiated from those found through TCP connects?
So, can someone confirm for me the method/s used for 86002 ?