1. Censys
  2. Censys Search
  3. Upgrading to Censys Certs 2.0

Other Articles In This Section

In this article:

Certs 2.0 Field Changes

  • Updated

Our transition guides have stated that some fields in the data have been removed, changed, or added. Here’s a detailed guide for reference that goes field-by-field through what’s been removed from the legacy schema and what it has been replaced with in 2.0.

Replaced Fields

The legacy fields in this table have been replaced. The nature of the change is sometimes just a clearer key name, sometimes a change to a nested structure, or just a relocation for accuracy or ease of query.

Certs 1.0 Field → Certs 2.0 Beta Field

  • ct.*ct.entries.key

  • ct.*ct.entries.value.*

  • metadata.added_atadded_at

  • metadata.parse_statusparse_status

  • metadata.seen_in_scanever_seen_in_scan

  • metadata.updated_atmodified_at

  • parsed.extensions.qc_statements.parsed.pds_locations.locationsparsed.extensions.qc_statements.parsed.pds_locations.*

  • parsed.extensions.signed_certificate_timestamps.signatureparsed.extensions.signed_certificate_timestamps.signature.* signature

  • parsed.fingerprint_md5fingerprint_md5

  • parsed.fingerprint_sha1fingerprint_sha1

  • parsed.fingerprint_sha256fingerprint_sha256

  • parsed.namesnames

  • parsed.signature_algorithm.nameparsed.signature.* signature_algorithm.name

  • parsed.signature_algorithm.oidparsed.signature.* signature_algorithm.oid

  • parsed.spki_subject_fingerprintspki_fingerprint_sha256

  • parsed.subject_key_info.dsa_public_key.*parsed.subject_key_info.dsa.*

  • parsed.subject_key_info.ecdsa_public_key.*parsed.subject_key_info.ecdsa.*

  • parsed.subject_key_info.rsa_public_key.*parsed.subject_key_info.rsa.*

  • parsed.tbs_fingerprinttbs_fingerprint_sha256

  • parsed.tbs_noct_fingerprinttbs_no_ct_fingerprint_sha256

  • parsed.validation_levelvalidation_level

  • parsed.validity.endparsed.validity_period.length_seconds

  • parsed.validity.lengthparsed.validity_period.not_after

  • parsed.validity.startparsed.validity_period.not_before

  • validation.*.pathsvalidation.*.chains.sha256fp

  • validation.*.trusted_pathvalidation.*.has_trusted_path

  • validation.*.validvalidation.*.is_valid

  • validation.*.was_validvalidation.*.ever_valid

  • validation.crl_revocation.next_updaterevocation.crl.* next_update

  • validation.crl_revocation.reasonrevocation.crl.reason

  • validation.crl_revocation.revokedrevocation.crl.revoked

  • validation.ocsp_revocation.next_updaterevocation.ocsp.* next_update

  • validation.ocsp_revocation.reasonrevocation.ocsp.reason

  • validation.ocsp_revocation.revokedrevocation.ocsp.revoked

  • validation.revokedrevoked

  • zlint.lintszlint.failed_lints

Removed Fields from Legacy Certs

A few fields have been removed that have no equivalent in the new schema:

  • metadata.parse_error

  • metadata.parse_version

  • metadata.post_processed

  • metadata.post_processed_at

  • metadata.source

  • parsed.extensions.extended_key_usage.value

  • parsed.extensions.signed_certificate_timestamps.extensions

  • validation.*.blacklisted

  • validation.*.whitelisted

  • validation.crl_error

  • validation.ocsp_error

New Fields in 2.0

A few fields have been added that do not have an equivalent in the legacy schema:

  • parsed.extensions.extended_key_usage.ipsec_intermediate_system_usage

  • parsed.extensions.name_constraints.excluded_uris

  • parsed.extensions.name_constraints.permitted_uris

  • parsed.extensions.signed_certificate_timestamps.signature.*

  • parsed.extensions.tor_service_descriptors.*

  • revocation.crl.revocation_time

  • revocation.ocsp.revocation_time

  • validated_at

  • zlint.timestamp

See the entire schema of the new certificate record here.

Related articles

Comments

0 comments

Please sign in to leave a comment.