Follow

Info: Functionality Scheduled for Deprecation

Summary

Occasionally, we remove functionality from Trust Protection Platform in order to stay current with emerging technologies and to serve the changing needs of our customers. Some of the more common reasons for deprecating features include the following:

  • Minimal use of a feature by the majority of our customers
  • Technologies that have become obsolete
  • Features that have become too expensive to maintain
  • Changes in our technology road map 
  • Important security enhancements to Trust Protection Platform

See Also:

For a list of features that have been deprecated prior to the current release, visit:

https://support.venafi.com/hc/en-us/articles/115001578651


Scheduled Feature Deprecations

Although planned feature deprecations are subject to change, the following list indicates which features are planned for removal from upcoming releases of Trust Protection Platform:

Venafi Platform 18.1

User Portal will no longer support local key generation in Internet Explorer
Modern browsers have either deprecated or plan to deprecate support for key and CSR generation within the browser.  The current method for Internet Explorer requires ActiveX controls and the lowering of IE security settings to to run.  Because of this, the portal will only support service generated private keys and CSRs for requesting certificates.

POST Config/Read for reading Validation results on Certificate and Application Objects
A new storage system will be introduced with the 18.1 release. Validation results will be moved from Config to a new data storage modal where validation result data is represented more appropriately. Because of this, using standard Config calls to read the data will no longer work. To support this update, new API methods will be introduced for getting data.

POST SecretStore/LookupAssociationByVaultId for reading TrustNet data
A new storage system will be introduced with the 18.1 release. TrustNet data is stored in Secret Store associations and will be moved to the new data model.  Standard Secret Store calls to read the data will no longer work because of a refactoring of the data. To support this update, new API methods will be introduced for getting data.

Certificate Authority Report
The canned Certificate Authority report will be removed. The distribution of certificate authorities by number of issued certificates is available in the Certificate Inventory Report and the Certificate Dashboard in Aperture.

Symmetric Key Manager Product
The Symmetric Key Manager component will be removed from the available components list of the installer. Symmetric key management has not been a focus of our short- or long-term roadmap for several years.

Comodo Certificate Authority Driver - Web Host Reseller (legacy)
According to Comodo, all customers have been (or are) in the process of being migrated to the newer Comodo Certificate Manager (CCM) platform. Therefore, the legacy CA driver will be removed.

Entrust Security Manager Certificate Authority Driver
This native driver will be replaced by an Adaptable script developed by a third-party Venafi Technology Partner.

Symantec Local Hosting Kit (LHK) Certificate Authority Driver
This native driver will be replaced by an Adaptable script developed by a third-party Venafi Technology Partner.

Keynectis Sequoia Certificate Authority Driver
This native driver will be replaced by an Adaptable script developed by a third-party Venafi Technology Partner.

SSH TrustMap will be removed
SSH TrustMap is planned for removal. You can get the textual information provided by TrustMap in other areas of the product user interface. We are evaluating requirements and exploring other models that will provide a graphical view of SSH trust relationships in a future version of the product.  

Tectia 4.x Authorization File Support
SSH discovery and remediation of Tectia 4.x authorization files will be removed. You will still be able to detect and rotate actual key files used in conjunction with authorization files, but not the options.

TrustNet Dashboard Widget "New Locations" Slice
In 18.1 TrustNet features in TPP are updated, during the update, the "New Locations" Slice will be removed from the trustnet Dashboard widget

TrustNet Dashboard Widget "Duplicate Name" Slice and Inventory Filter
In 18.1 TrustNet features in TPP are updated, during the update, the "Duplicate Name" Slice will be removed from the trustnet Dashboard widget.  Also, the Duplicate Name filter will be removed from the TrustNet filter on the Certificate Inventory page.

Aperture Certificate Risk "No Owner Assigned"
In 18.1, due to restructuring of certificate data storage and an introduction to a new set of APIs, we will no longer be able to compare certificate policy against what the value would be if policy wasn't there - which this risk is dependent on to calculate. There are no current plants to re-introduce this specific risk.

Policy for Validation & Monitoring can no longer be set by certificate type
In previous versions, certificates in inventory had three types: Server, User, and Device.  Policy could be used to enable or disable monitoring or validation for each type individually within a folder.  In 18.1, even though there will continue to be three types of certificates, there will no longer be separate policy control for validation or monitoring based on certificate type.

Venafi Platform 18.2

User Portal support for remote installations
Previous to version 18.2, the User Portal (used for requesting user certificates) could be installed on Windows Servers that were not running Trust Protection Platform. Beginning with 18.2, the User Portal will no longer support remote installations and will be part of Trust Protection Platform's standard installation package.

Server Agent support for Redhat Enterprise Linux 4.x
RHEL 4 was released in 2005 and the last kernel update was in 2011. Need to drop support so that we can improve our build processes in ways that RHEL 4.x can't support.

Network Discovery Jobs in Web Admin
Network Discovery job configuration will be removed from the Web Administration console. Beginning in 18.2, you will need to use Aperture for all Network Discovery jobs. Enhanced configuration options for Network Discovery have been available in Aperture since version 14.3.

Network Discovery Placement Preview
The Network Discovery Placement Preview feature will be removed from Aperture. After its removal, Network discovery will work more like agent and TrustNet discovery: items are automatically placed after they are found.

Onboard Discovery will be moved from Web Admin to Aperture
Onboard discovery for F5, NetScaler, and DataPower will only be available in Aperture. These onboard discovery options will no longer be available in the Web Administration Console.

 

 

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments

Powered by Zendesk