Summary
Occasionally, we remove functionality from Trust Protection Platform to stay current with emerging technologies and to serve the changing needs of our customers. Some of the more common reasons for deprecating features include the following:
- Minimal use of a feature by the majority of our customers
- Technologies that have become obsolete
- Features that have become too expensive to maintain
- Changes in our technology road map
- Important security enhancements to Trust Protection Platform
See Also:
For a list of features that have been deprecated prior to the current release, visit:
Scheduled Feature Deprecations
Although planned feature deprecations are subject to change, the following list indicates which features are planned for removal from upcoming releases of Trust Protection Platform:
Venafi Platform 22.1
VAM nShield Certificate Installation Driver Deprecation
Starting in 21.4, application objects for VAM nShield Certificate Installation instances will be converted to basic application objects.
Pass-through Authentication
With the release of SAML support, we plan on deprecating the support for pass-through authentication. Before SAML was introduced, Pass-through authentication is the mechanism that was used to integrate with Oracle Identity and Access Manager (IAM). If you are using IAM with the Venafi Trust Protection Platform, please update your configuration to leverage SAML prior to upgrading to 22.1 or higher.
UniCert CA Driver Deprecation
Due to lack of usage and security concerns with the architecture of the driver, support for UniCert CA will no longer be natively available in TLS Protect of the Trust Protection Platform starting in 22.1.
Removal of three detail screens from the About section of the Web Console
Starting in 22.1, the following three screens will be removed from the Web Console About section:
- Loaded API Assemblies (Scheduled for 22.4)
- Loaded UI Plugins (Scheduled for 22.4)
- Third Party UI Libraries (Scheduled for 22.1)
These screens were originally included to aid in troubleshooting of problems related to the Web Console, but instead were rarely, if ever, used.
Server Agent iPlanet BerkelyDB keystore format discovery
Starting 22.1 the Server Agent will drop the capability to discover iPlanet keystores in the BerkelyDB format. The Server Agent will continue to be able to discovery iPlanet keystores in the SQLite (NSS) format.
Venafi Platform 22.2
WebSDK Authorization Method involving API keys is only available with a License Key
Starting in 22.2, only customers with a special, temporary license key from Venafi will be able to leverage WebSDK API Keys to authenticate to the WebSDK. Without the license key, both POST Authorize and the WebSDK Permission will not be available.
POST SecretStore/Delete WebSDK Method
POST SecretStore/Delete will be removed in 22.2. Instead, you should be using
POST SecretStore/OwnerDelete. SecretStore/Delete does not properly clean-up references to the vault being deleted. It's usage leads to data being in an inconsistent state.
Imperva MX will support provisioning of device certificates only
Starting in 22.2 Imperva MX driver will be able to provision device certificates only. After upgrading to 22.2 existing Imperva MX applications will be converted to Basic applications and retain certificate association. Provisioning certificates in bulk to Imperva MX can be accomplished using the Adaptable Bulk Provisioning job.
Venafi Server Agent on HP-UX
We intend to stop producing new releases of Venafi Server Agent on HP-UX (Itanium) with the 22.2 release, making the 22.1 release the the last to include support for the platform.
Venafi Platform 22.3
WebSDK Authorization Method involving API Keys (End-of-Support)
The WebSDK authorization method that involves API keys was formally deprecated in Trust Protection Platform 20.2 and will no longer be available in code beginning in 22.3. The "WebSDk" permission that is available on users and groups will no longer be available. The temporary license key introduced in 22.2 will no longer be available.
Comments
Article updated on June 19, 2018
Article updated on April 7, 2020 - Removed items that were deprecated in 20.1 since 20.1 has shipped. Added Windows Server 2012 R2 to be deprecated. in 20.2 will lower from supported to compatible. In 20.3 we will drop support for Windows 2012 R2 completely for hosting installations of TPP.
Article updated on May 12, 2020 - Some deprecation items were moved from 20.2 to 20.3. Also, more detail was added regarding timeline for deprecating WebSDK API keys now that WebSDK Tokens have been delivered in 20.1
Article updated on August 11, 2020 to remove items that were deprecated in 20.2 since 20.2 has shipped. Also added TrustNet to the deprecation list scheduled for 20.3
Article updated September 29, 2020 to accommodate 20.3 release. Added Pass-through authentication to the list.
Added IE11 to the deprecation list
21.1 Removed from the list because 21.1 has shipped.
Updated on May 18, 2021 because some deprecations were pushed out to later releases
Updated May 27, 2021 to add VAM nShield to the 21.4 deprecation list.
Updated August 3, 2021 to updated versions for Symantec, API Key, and Imperva deprecation versions
Updated September 27, 2021 to add removal of three "About Version" screens from the Web Console to the deprecation roadmap.
Updated October 20, 2021 -
Added POST SecretStore/Delete WebSDK Method to the deprecations list for 22.1
UniCert CA Driver was updated for removal in 22.1. Originally was posted for removal in 22.2.
Imperverva depreciation and WebSDK API Key deprecation both pushed back a release.
Move Server Agent Deprecation for HP-UX from 21.4 to 22.1.
Some of the deprecations slipped out of 22.1 and into 22.2: