Follow

Info: Deprecated Functionality from Venafi Platform

Summary

This article contains a current list of features that have been removed from shipping versions of Trust Protection Platform. 

Applies To:

All versions of Trust Protection Platform.  More details below.

See Also:

For a list of features that are scheduled for deprecation in upcoming releases, see https://support.venafi.com/hc/en-us/articles/115001662292.

Venafi Platform 18.4 

Cisco ACE Certificate Installation Driver
Cisco announced the end-of-life of this product in late 2013. Cisco’s official end-of-support is January 2019.

POST Config/RemoveAttributeValues
POST Config/RemoveAttributeValues will be removed as a supported method. If misused, this API call can be catastrophically destructive. Config/RemoveAttributeValues was removed from product documentation in 18.3 and will be completely removed in 18.4. Instead, please use a similar API call, such as POST Config/ClearAttribute.

Venafi Platform 18.3

Network Discovery Jobs in Web Admin
Network Discovery job configuration was removed from the Web Administration console. Beginning in 18.2, you will need to use Aperture for all Network Discovery jobs. Enhanced configuration options for Network Discovery have been available in Aperture since version 14.3.

Onboard Discovery will be moved from Web Admin to Aperture
Onboard discovery for F5, NetScaler, and DataPower will only be available in Aperture. These onboard discovery options are no longer available in the Web Administration Console.

Server Agent Support for SuSE/SLES 10
Long Term Service Pack Support for SuSE/SLES 10 SP4 ended on 31 July 2016.  In 18.1, support for SLES 12 was added so we dropped support for SusE/SLES 10 in 18.3

F5 Provisioning/Installation Support for F5 version 10.x
This has been considered a legacy platform for several years and the vendor has ended support in December 2016.  Discontinuing support will allow for removing complexity in coding, usability, testing and support.

GSK Provisioning & Certificate Installation Support for JKS and PKCS#12
IBM Dropped support for the JKS format when they released GSK 8.0 in 2010.  The GSK driver support for JKS and PKC#12 depends upon the software utilities hosted on the remote device which has proven problematic.  Venafi's JKS and PKCS#12 drivers are better suited to handle these use cases because they support central generation of the keystone and now support all of the use cases the GSK driver once uniquely supported.

GSK Storage Types
The JCEKS, JKS, and PKCS#12 Storage Types for GSK Application objects have been discontinued in 18.3. Only the Certificate Management Services (CMS) Storage Type is supported.

 Venafi Platform 18.2

Server Agent Support for RedHat Enterprise Linux 4.x
In order to improve Venafi build processes, support for RHEL 4.x was dropped. This is because RHEL 4.x cannot support the improvements made to Venafi build processes. RHEL 4 was released in 2005 and the last kernel update was in 2011.

Master Admin Permissions Revocation
Trust Protection Platform no longer allows master administrators to have permissions revoked anywhere within the product tree. Any additional permissions assigned or removed are ignored.

Automatic configuration of Microsoft Outlook 2007
In 18.1, Enterprise Mobility Protect User Agent was able to automatically configure Microsoft Outlook 2007 with the latest user certificate. Microsoft officially announced the end of extended support of Office 2007. Therefore, when you upgrade to Trust Protection Platform 18.2, Enterprise Mobility Protect User Agent no longer supports automated configuration of Outlook 2007.

Venafi Platform 18.1

Server Agent No Longer Supports Apache Driver

The Apache driver is not supported with Server Agent provisioning mode after 18.1. Instead, you can use Agentless certificate installation.           

User Portal No Longer Supports Local Key Generation in Internet Explorer
Modern browsers have either deprecated or plan to deprecate support for key and CSR generation within the browser.  The current method for Internet Explorer requires ActiveX controls and the lowering of IE security settings to run.  Because of this, the User Portal will only support service generated private keys and CSRs for requesting certificates.

Symmetric Key Manager Product
The Symmetric Key Manager component has been removed from the available components list of the installer. Symmetric key management has not been a focus of our short- or long-term roadmap for several years.

Comodo Certificate Authority Driver - Web Host Reseller (legacy)
According to Comodo, all customers have been (or are) in the process of being migrated to the newer Comodo Certificate Manager (CCM) platform. Therefore, the legacy CA driver has been removed.

Entrust Security Manager Certificate Authority Driver
This native driver has been replaced by an Adaptable script developed by a third-party Venafi Technology Partner.

Symantec Local Hosting Kit (LHK) Certificate Authority Driver
This native driver has been replaced by an Adaptable script developed by a third-party Venafi Technology Partner.

Keynectis Sequoia Certificate Authority Driver
This native driver has been replaced by an Adaptable script developed by a third-party Venafi Technology Partner.

SSH TrustMap
SSH TrustMap has been removed. You can get the textual information provided by TrustMap in other areas of the product user interface. We are evaluating requirements and exploring other models that will provide a graphical view of SSH trust relationships in a future version of the product.  

Log View Read Only Credentials
In previous versions of Trust Protection Platform, there were separate credentials that could be entered specifically for viewing logs in WebAdmin and WinAdmin. This feature was not used widely by customers and during a refactor to allow for each Trust Protection Platform server to have it's own database connection configuration (some Trust Protection Platform servers can now have WinAuth while other others have SQL Auth), this feature was dropped.

TrustNet Dashboard Widget "New Locations" Slice
In 18.1 TrustNet features in TPP have been updated, during the update, the "New Locations" Slice has been removed from the trustnet Dashboard widget

TrustNet Dashboard Widget "Duplicate Name" Slice and Inventory Filter
In 18.1, TrustNet features in Trust Protection Platform has been updated. During the update, the "Duplicate Name" Slice has been removed from the TrustNet Dashboard widget. Also, the Duplicate Name filter has been removed from the TrustNet filter on the Certificate Inventory page.

Venafi Platform 17.4

Microsoft SQL Server 2008 R2
Venafi Trust Protection Platform no longer works with Microsoft SQL Server 2008 R2.  Please upgrade to a recently patched version of Microsoft SQL 2012 R2, 2014, or 2016 prior to installing Trust Protection Platform 17.4 or higher.

See Also: Error: "This Upgrade Is Not Allowed Due To An Incompatible Version Of SQL Server"

Microsoft Windows Server 2008 R2
Microsoft Windows Server 2008 R2 is no longer a supported version to run Venafi Trust Protection Platform 17.4 or higher.  Before upgrading your Trust Protection Platform environment, you should have new Windows servers available on which to install Trust Protection Platform so that you can replace existing Servers running older versions of Venafi software. Currently supported versions of Windows Server are: Microsoft Windows 2016 Server (server with user interface) and Microsoft Windows 2012 Server R2 (server with user interface).

Venafi Server Agent no longer supports Windows Server 2003
In order for the Venafi Server Agent to update it's runtime libraries, support for Windows Server 2003 had to be dropped. The 17.4 version of the Server Agent will not run on Windows Server 2003. Please upgrade your Windows Servers 2003 to newer versions of the Microsoft Server Operating System in order to continue to have the Venafi Agent installed on those systems.

Venafi Platform 17.3 

Transition IBM DataPower Driver interface from SSH to REST
This driver has been transitioned from SSH CLI to a REST API.  DataPower versions prior to 7.2 will no longer be supported; however, they should still be compatible.  Versions being targeted for support are XI52 7.2 and IDG 7.5.

Transition DigiCert CA Driver from Enterprise to CertCentral API
The DigiCert CA driver has been migrated from the legacy Enterprise API to the current CertCentral API. You will need to have your account migrated. DigiCert has stated that they are available to help customers with the migration.

Venafi Platform 17.2

Supported Firefox version Update
Supported web browsers have been updated to Internet Explorer 11 and Mozilla FireFox ESR 52. The latest version of Google Chrome is still categorized as a compatible browser.

Devices removed from Aperture Folder tree
Devices have been removed from the Aperture Folder tree so that only Folders are visible.  This was done to enhance performance and usability.  Devices are still accessible to SSH customers in the Aperture Inventory menu.

Inventory > Devices top navigation menu. Agent Discovery of Root Certificates
In order to increase performance of Server Agent Certificate Discovery, Trust Protection Platform no longer stores data where it was found for root and intermediate certificates.  In previous versions, partial information on where the Root certificate was discovered was available from the Support tab.

IBM GSK Driver Support for GSK version 6.0
The GSK Certificate Installation Driver no longer supports version 6.0.  Version 6.0 reached end-of-life in September 2013.

Java Key Store (JKS) Driver Support for Java version 1.4 or 1.5
The Java Key Store (JKS) Certificate Installation Driver no longer supports Java versions 1.4 or 1.5. These versions reached their end-of-life in October 2008 and October 2009, respectively.

Venafi Platform 17.1

Brocade Application Driver
The Brocade Application Driver used for certificate installations is no longer available.

Verizon SureServer Certificate Authority Driver
The Verizon SureServer Certificate Authority Driver used for certificate enrollments is no longer available.

Oracle DB support
Oracle is no longer supported. For more information refer to: https://support.venafi.com/hc/en-us/articles/227567188

Canned CA Trust Report
The canned CA Trust Report found in the Web Administration Console has been removed.

Web Admin Licensing Status Dashboard
This functionality has been migrated to Aperture and is now visible on the new System Status dashboard.

Venafi Support Tool
The Venafi Support Tool is removed.  It has been replaced by a new utility called the Venafi Support Center.

Venafi Platform 16.4

VED Client UI Portal
The undocumented and unsupported UI Portal component has been removed.  This change should not affect any customers. 

z/OS CA driver
The z/OS CA driver has been removed from Trust Protection Platform. This integration is outdated and the Adaptable CA driver provides a better alternative.

Venafi Platform 16.3

SSH non-recursive discovery
SSH Key Discovery no longer supports performing non-recursive scans. The ability to scan "just this folder" and exclude all sub-folders is no longer available.

Aperture certificate status “Revocation Approval Required”
The Certificate Status of Revocation Approval Required has been replaced with Pending My Approval.

Venafi Server Agent has deprecated support for Hewlett Packard Unix Persistent Architecture Reduced Instruction Set Computer (HP-UX PA-RISC)
Venafi Trust Protection Platform no longer includes an agent installer for HP-UX PA-RISC.  This does not affect our support for HP-UX on Itanium Processors (HP-UX IA).  Hewlett Packard stopped supporting HP-UX PA-RISC in early 2005.  We have deprecated support for this specific operating system so that we can realign resources to support newer and more popular enterprise operating systems.

Fore more information about the deprecation of PA-RISC, visit: https://support.venafi.com/hc/en-us/articles/218241207

Aperture License dashboard widget and filter
The License dashboard widget and certificate list License filter have been removed from the Aperture console.  If this filter was used in a saved Custom Report, the report will be updated to remove this filter. Licensing information can be retrieved using the in-product Licensing Report found in the Web Administration Console.

 

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments