Class: Certificate
The Digital Certificate, also known as a Public Key Certificate, object
contains information about the ownership and usage of a public key. It serves
as a means to establish trust in the authenticity and integrity of the public
key and the associated entity.
URI: ocsf:Certificate
classDiagram
class Certificate
click Certificate href "../Certificate/"
Object <|-- Certificate
click Object href "../Object/"
Certificate : created_time
Certificate : expiration_time
Certificate : fingerprints
Certificate --> "* _recommended_" Fingerprint : fingerprints
click Fingerprint href "../Fingerprint/"
Certificate : is_self_signed
Certificate : issuer
Certificate : sans
Certificate --> "*" San : sans
click San href "../San/"
Certificate : serial_number
Certificate : subject
Certificate : uid
Certificate : version
Inheritance
- OcsfObject
- Object
- Certificate
- Object
Slots
| Name | Cardinality and Range | Description | Inheritance |
|---|---|---|---|
| created_time | 0..1 recommended TimestampT |
The time when the certificate was created | direct |
| expiration_time | 0..1 recommended TimestampT |
The expiration time of the certificate | direct |
| fingerprints | * recommended Fingerprint |
The fingerprint list of the certificate | direct |
| is_self_signed | 0..1 recommended Boolean |
Denotes whether a digital certificate is self-signed or signed by a known | direct |
| issuer | 1 String |
The certificate issuer distinguished name | direct |
| sans | * San |
The list of subject alternative names that are secured by a specific | direct |
| serial_number | 1 String |
The serial number of the certificate used to create the digital signature | direct |
| subject | 0..1 recommended String |
The certificate subject distinguished name | direct |
| uid | 0..1 String |
The unique identifier of the certificate | direct |
| version | 0..1 recommended String |
The certificate version | direct |
Usages
| used by | used in | type | used |
|---|---|---|---|
| Sso | certificate | range | Certificate |
| Tls | certificate | range | Certificate |
| DigitalSignature | certificate | range | Certificate |
| Authentication | certificate | range | Certificate |
In Subsets
Aliases
- Digital Certificate
See Also
Notes
- D3FEND™ Ontology d3f:Certificate. — https://d3fend.mitre.org/dao/artifact/d3f:Certificate/
Identifier and Mapping Information
Schema Source
- from schema: https://w3id.org/lmodel/ocsf
Mappings
| Mapping Type | Mapped Value |
|---|---|
| self | ocsf:Certificate |
| native | ocsf:Certificate |
| exact | stix:X509Certificate |
LinkML Source
Direct
name: Certificate
description: 'The Digital Certificate, also known as a Public Key Certificate, object
contains information about the ownership and usage of a public key. It serves
as a means to establish trust in the authenticity and integrity of the public
key and the associated entity.'
notes:
- 'D3FEND™ Ontology d3f:Certificate. —
https://d3fend.mitre.org/dao/artifact/d3f:Certificate/'
in_subset:
- objects_subset
from_schema: https://w3id.org/lmodel/ocsf
see_also:
- https://d3fend.mitre.org/dao/artifact/d3f:Certificate/
aliases:
- Digital Certificate
exact_mappings:
- stix:X509Certificate
is_a: Object
slots:
- created_time
- expiration_time
- fingerprints
- is_self_signed
- issuer
- sans
- serial_number
- subject
- uid
- version
slot_usage:
created_time:
name: created_time
description: The time when the certificate was created.
recommended: true
expiration_time:
name: expiration_time
description: The expiration time of the certificate.
recommended: true
fingerprints:
name: fingerprints
description: The fingerprint list of the certificate.
recommended: true
is_self_signed:
name: is_self_signed
recommended: true
issuer:
name: issuer
description: The certificate issuer distinguished name.
required: true
sans:
name: sans
description: 'The list of subject alternative names that are secured by a specific
certificate.'
serial_number:
name: serial_number
description: The serial number of the certificate used to create the digital signature.
required: true
subject:
name: subject
description: The certificate subject distinguished name.
recommended: true
uid:
name: uid
description: The unique identifier of the certificate.
version:
name: version
description: The certificate version.
recommended: true
Induced
name: Certificate
description: 'The Digital Certificate, also known as a Public Key Certificate, object
contains information about the ownership and usage of a public key. It serves
as a means to establish trust in the authenticity and integrity of the public
key and the associated entity.'
notes:
- 'D3FEND™ Ontology d3f:Certificate. —
https://d3fend.mitre.org/dao/artifact/d3f:Certificate/'
in_subset:
- objects_subset
from_schema: https://w3id.org/lmodel/ocsf
see_also:
- https://d3fend.mitre.org/dao/artifact/d3f:Certificate/
aliases:
- Digital Certificate
exact_mappings:
- stix:X509Certificate
is_a: Object
slot_usage:
created_time:
name: created_time
description: The time when the certificate was created.
recommended: true
expiration_time:
name: expiration_time
description: The expiration time of the certificate.
recommended: true
fingerprints:
name: fingerprints
description: The fingerprint list of the certificate.
recommended: true
is_self_signed:
name: is_self_signed
recommended: true
issuer:
name: issuer
description: The certificate issuer distinguished name.
required: true
sans:
name: sans
description: 'The list of subject alternative names that are secured by a specific
certificate.'
serial_number:
name: serial_number
description: The serial number of the certificate used to create the digital signature.
required: true
subject:
name: subject
description: The certificate subject distinguished name.
recommended: true
uid:
name: uid
description: The unique identifier of the certificate.
version:
name: version
description: The certificate version.
recommended: true
attributes:
created_time:
name: created_time
description: The time when the certificate was created.
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Created Time
rank: 1000
alias: created_time
owner: Certificate
domain_of:
- Osint
- RelatedEvent
- Sbom
- Scim
- Session
- Sso
- Token
- Whois
- Resource
- Advisory
- AuthenticationToken
- Certificate
- Cve
- Database
- Databucket
- DigitalSignature
- Enrichment
- Epss
- File
- FindingObject
- FindingInfo
- Job
- KbArticle
- LdapPerson
- ProcessEntity
- Table
- Device
range: TimestampT
recommended: true
expiration_time:
name: expiration_time
description: The expiration time of the certificate.
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Expiration Time
rank: 1000
alias: expiration_time
owner: Certificate
domain_of:
- Osint
- Session
- Token
- AuthenticationToken
- Certificate
- HttpCookie
- FileHosting
- NetworkFileActivity
range: TimestampT
recommended: true
fingerprints:
name: fingerprints
description: The fingerprint list of the certificate.
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Fingerprints
rank: 1000
alias: fingerprints
owner: Certificate
domain_of:
- Certificate
- NetworkEndpoint
range: Fingerprint
recommended: true
multivalued: true
is_self_signed:
name: is_self_signed
description: 'Denotes whether a digital certificate is self-signed or signed by
a known
certificate authority (CA).'
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Certificate Self-Signed
rank: 1000
alias: is_self_signed
owner: Certificate
domain_of:
- Certificate
range: boolean
recommended: true
issuer:
name: issuer
description: The certificate issuer distinguished name.
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Issuer Details
rank: 1000
alias: issuer
owner: Certificate
domain_of:
- Session
- Certificate
- Idp
range: string
required: true
sans:
name: sans
description: 'The list of subject alternative names that are secured by a specific
certificate.'
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Subject Alternative Names
rank: 1000
alias: sans
owner: Certificate
domain_of:
- Tls
- Certificate
range: San
multivalued: true
serial_number:
name: serial_number
annotations:
observable_id:
tag: observable_id
value: 37
description: The serial number of the certificate used to create the digital signature.
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Serial Number
rank: 1000
alias: serial_number
owner: Certificate
domain_of:
- Aircraft
- Certificate
- DeviceHwInfo
- PeripheralDevice
- UnmannedAerialSystem
range: string
required: true
subject:
name: subject
description: The certificate subject distinguished name.
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Subject Details
rank: 1000
alias: subject
owner: Certificate
domain_of:
- Certificate
- Email
range: string
recommended: true
uid:
name: uid
description: The unique identifier of the certificate.
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Unique ID
rank: 1000
alias: uid
owner: Certificate
domain_of:
- Osint
- Package
- ProgrammaticCredential
- RelatedEvent
- Request
- Sbom
- Scim
- Script
- Session
- Span
- Sso
- Ticket
- Token
- Trace
- Entity
- Resource
- Account
- Advisory
- Agent
- AiModel
- Aircraft
- Analytic
- ApplicationObject
- Assessment
- Certificate
- Check
- ClassifierDetails
- Container
- Cve
- Cwe
- D3fTactic
- D3fTechnique
- DataClassification
- Database
- Databucket
- DomainContact
- Edge
- Email
- Endpoint
- Evidences
- Extension
- Feature
- File
- FindingObject
- FindingInfo
- Graph
- Group
- HttpRequest
- Idp
- Image
- KbArticle
- LoadBalancer
- Logger
- Malware
- ManagedEntity
- MessageContext
- Metadata
- Mitigation
- NetworkConnectionInfo
- NetworkEndpoint
- NetworkInterface
- Node
- Organization
- PeripheralDevice
- Policy
- ProcessEntity
- Product
- QueryInfo
- Reporter
- Rule
- Scan
- Service
- SubTechnique
- Table
- Tactic
- Technique
- Trait
- TransformationInfo
- UnmannedAerialSystem
- User
- WebResource
- Device
- WinResource
range: string
version:
name: version
description: The certificate version.
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Version
rank: 1000
alias: version
owner: Certificate
domain_of:
- Os
- Package
- RpcInterface
- Sbom
- Scim
- SoftwareComponent
- Tls
- Agent
- AiModel
- Analytic
- Api
- ApplicationObject
- Attack
- Certificate
- Check
- CisControl
- CisCsc
- Cvss
- D3fend
- Databucket
- Epss
- Extension
- Feature
- File
- HttpRequest
- Logger
- ManagedEntity
- Metadata
- Policy
- Product
- ResourceDetails
- Rule
- Service
- NtpActivity
range: string
recommended: true