diff --git a/CHANGELOG.md b/CHANGELOG.md index ae03f0a17..c28070787 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,7 +7,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). ## [Unreleased] ### Added -- Added TLS certificates as a new resource type [#585](https://github.com/greenbone/gvmd/pull/585) [#663](https://github.com/greenbone/gvmd/pull/663) [#673](https://github.com/greenbone/gvmd/pull/673) [#695](https://github.com/greenbone/gvmd/pull/695) [#703](https://github.com/greenbone/gvmd/pull/703) [#732](https://github.com/greenbone/gvmd/pull/732) +- Added TLS certificates as a new resource type [#585](https://github.com/greenbone/gvmd/pull/585) [#663](https://github.com/greenbone/gvmd/pull/663) [#673](https://github.com/greenbone/gvmd/pull/673) [#695](https://github.com/greenbone/gvmd/pull/695) [#703](https://github.com/greenbone/gvmd/pull/703) [#728](https://github.com/greenbone/gvmd/pull/728) [#732](https://github.com/greenbone/gvmd/pull/732) - Update NVTs via OSP [#392](https://github.com/greenbone/gvmd/pull/392) [#609](https://github.com/greenbone/gvmd/pull/609) [#626](https://github.com/greenbone/gvmd/pull/626) - Handle addition of ID to NVT preferences. [#413](https://github.com/greenbone/gvmd/pull/413) - Add setting 'OMP Slave Check Period' [#491](https://github.com/greenbone/gvmd/pull/491) diff --git a/src/manage_pg.c b/src/manage_pg.c index 386a759f5..203b0c0f8 100644 --- a/src/manage_pg.c +++ b/src/manage_pg.c 
@@ -3214,6 +3214,13 @@ create_tables () " UNION SELECT 1 AS autofp_selection" " UNION SELECT 2 AS autofp_selection) AS autofp_opts;"); + sql ("CREATE OR REPLACE VIEW tls_certificate_source_origins AS" + " SELECT sources.id AS source_id, tls_certificate," + " origin_id, origin_type, origin_data" + " FROM tls_certificate_sources AS sources" + " JOIN tls_certificate_origins AS origins" + " ON sources.origin = origins.id;"); + sql ("DROP VIEW IF EXISTS vulns;"); if (sql_int ("SELECT EXISTS (SELECT * FROM information_schema.tables" " WHERE table_catalog = '%s'" diff --git a/src/manage_sql.c b/src/manage_sql.c index 12c4b3293..c060e6ccb 100644 --- a/src/manage_sql.c +++ b/src/manage_sql.c @@ -63900,6 +63900,10 @@ type_extra_where (const char *type, int trash, const char *filter, else extra_where = g_strdup (" AND hidden = 0"); } + else if (strcasecmp (type, "TLS_CERTIFICATE") == 0) + { + extra_where = tls_certificate_extra_where (filter); + } else if (strcasecmp (type, "REPORT") == 0) { if (trash) diff --git a/src/manage_sql_tls_certificates.c b/src/manage_sql_tls_certificates.c index 44980bcc5..3f207eee4 100644 --- a/src/manage_sql_tls_certificates.c +++ b/src/manage_sql_tls_certificates.c 
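Review bot: The select list of the new tls_certificate_source_origins view in create_tables leaves `tls_certificate`, `origin_id`, `origin_type` and `origin_data` unqualified across a two-table join. If either table later gains a column with one of those names, the CREATE VIEW statement becomes ambiguous and would be rejected. Qualifying each column with `sources.` or `origins.` avoids that; which table owns which column is not visible in this hunk. A short comment such as `/* Joins certificate sources to their origins; read by tls_certificate_extra_where for the report_id filter. */` would also tie the view to its consumer. create_tables starts and ends outside the hunk.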
@@ -180,6 +180,44 @@ tls_certificate_select_columns () return columns; } +/** + * @brief Get extra_where string for a TLS certificate iterator or count. + * + * @param[in] filter Filter string. + * + * @return Newly allocated extra_where string. + */ +gchar * +tls_certificate_extra_where (const char *filter) +{ + GString *ret; + gchar *report_id; + + ret = g_string_new (""); + + report_id = filter_term_value (filter, "report_id"); + + if (report_id) + { + gchar *quoted_id; + quoted_id = sql_quote (report_id); + g_string_append_printf (ret, + " AND" + " (EXISTS" + " (SELECT * FROM" + " tls_certificate_source_origins AS src_orig" + " WHERE tls_certificate = tls_certificates.id" + " AND origin_type = 'Report'" + " AND origin_id = '%s'))", + quoted_id); + g_free (quoted_id); + } + + g_free (report_id); + + return g_string_free (ret, FALSE); +} + /** * @brief Count number of tls_certificates. * @@ -192,9 +230,33 @@ tls_certificate_count (const get_data_t *get) { static const char *filter_columns[] = TLS_CERTIFICATE_ITERATOR_FILTER_COLUMNS; static column_t columns[] = TLS_CERTIFICATE_ITERATOR_COLUMNS; + gchar *filter; + char *extra_where; + int ret; - return count ("tls_certificate", get, columns, NULL, filter_columns, - 0, 0, 0, TRUE); + if (get->filt_id && strcmp (get->filt_id, FILT_ID_NONE)) + { + if (get->filter_replacement) + /* Replace the filter term with one given by the caller. This is + * used by GET_REPORTS to use the default filter with any task (when + * given the special value of -3 in filt_id). */ + filter = g_strdup (get->filter_replacement); + else + filter = filter_term (get->filt_id); + if (filter == NULL) + return 2; + } + else + filter = NULL; + + extra_where + = tls_certificate_extra_where (filter ? filter : get->filter); + + ret = count ("tls_certificate", get, columns, NULL, filter_columns, + 0, 0, extra_where, TRUE); + + g_free (extra_where); + return ret; } /** 
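Review bot: tls_certificate_extra_where hands `filter` to filter_term_value without a NULL check, yet both new callers pass `filter ? filter : get->filter`, which may be NULL when no filter was supplied. Whether filter_term_value tolerates NULL is not visible here, so either guard with `if (filter == NULL) return g_strdup ("");` or state the precondition in the docstring. The docstring should also say that the caller releases the result with g_free. It is worth recording there that report_id comes from the user-supplied filter and is escaped with sql_quote before being formatted into the quoted literal, so that any filter key added later follows the same pattern.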
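Review bot: `filter` is never released in tls_certificate_count: the string from g_strdup or filter_term is still held when the function returns after `g_free (extra_where);`, so each call with a filt_id leaks it (assuming filter_term returns an allocated string, as the g_strdup branch does). Adding `g_free (filter);` beside the existing g_free fixes it, and g_free accepts NULL so the no-filter path needs no guard. The same block and the same leak are repeated in the init_tls_certificate_iterator hunk (`@@ -211,17 +273,41 @@`). A small static helper that resolves the effective filter would remove the duplication, along with the copied GET_REPORTS comment, which looks carried over from report handling.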
@@ -211,17 +273,41 @@ init_tls_certificate_iterator (iterator_t *iterator, const get_data_t *get) { static const char *filter_columns[] = TLS_CERTIFICATE_ITERATOR_FILTER_COLUMNS; static column_t columns[] = TLS_CERTIFICATE_ITERATOR_COLUMNS; + gchar *filter; + char *extra_where; + int ret; - return init_get_iterator (iterator, - "tls_certificate", - get, - columns, - NULL, - filter_columns, - 0, - NULL, - NULL, - TRUE); + if (get->filt_id && strcmp (get->filt_id, FILT_ID_NONE)) + { + if (get->filter_replacement) + /* Replace the filter term with one given by the caller. This is + * used by GET_REPORTS to use the default filter with any task (when + * given the special value of -3 in filt_id). */ + filter = g_strdup (get->filter_replacement); + else + filter = filter_term (get->filt_id); + if (filter == NULL) + return 2; + } + else + filter = NULL; + + extra_where + = tls_certificate_extra_where (filter ? filter : get->filter); + + ret = init_get_iterator (iterator, + "tls_certificate", + get, + columns, + NULL, + filter_columns, + 0, + NULL, + extra_where, + TRUE); + + g_free (extra_where); + return ret; } /** diff --git a/src/manage_sql_tls_certificates.h b/src/manage_sql_tls_certificates.h index b36bedc64..4bdae5f11 100644 --- a/src/manage_sql_tls_certificates.h +++ b/src/manage_sql_tls_certificates.h @@ -33,6 +33,9 @@ tls_certificate_filter_columns (); column_t* tls_certificate_select_columns (); +gchar * +tls_certificate_extra_where (const char *); + int delete_tls_certificate (const char *, int); diff --git a/src/schema_formats/XML/GMP.xml.in b/src/schema_formats/XML/GMP.xml.in index bfbbdba34..c13f26c48 100644 --- a/src/schema_formats/XML/GMP.xml.in +++ b/src/schema_formats/XML/GMP.xml.in @@ -22951,6 +22951,11 @@ Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. iso_time Time the certificate was last collected +