Summary
Occasionally, we remove functionality from Trust Protection Platform to stay current with emerging technologies and to serve the changing needs of our customers. Some of the more common reasons for deprecating features include the following:
- Minimal use of a feature by the majority of our customers
- Technologies that have become obsolete
- Features that have become too expensive to maintain
- Changes in our technology road map
- Important security enhancements to Trust Protection Platform
See Also:
For a list of features that have been deprecated prior to the current release, visit:
Scheduled Feature Deprecations
Although planned feature deprecations are subject to change, the following list indicates which features are planned for removal from upcoming releases of Trust Protection Platform:
Venafi Platform 20.2
Drop Support for SQL 2012 and SQL Server 2014 Support
Beginning in 20.2, Venafi Trust Protection Platform will no longer support SQL Server 2012 and SQL Server 2014. SQL Server 2016 SP1 Standard will be the minimum version that we support. This is required in order to leverage the Table Partitioning Feature that Microsoft has made available in SQL Server 2016 SP1.
Drop Support for Windows Server 2012 R2 for hosting TPP
Beginning in 20.2, Venafi Trust Protection Platform will be listed as "compatible" meaning that we will no longer do active testing on that version of Windows Server. In TPP 20.3, we will remove all support of Windows Server 2012 R2.
A10 AX Series Application Driver
The A10 Networks AX Series ADC product is now obsolete so the corresponding application driver will be removed from Trust Protection Platform in 20.2. This integration has been transitioned the partner ecosystem where A10 Networks is offering provisioning support for their Thunder ADC products at https://marketplace.venafi.com/apps/218513/a10-thunder-adc.
Juniper SAS Application Driver
The Juniper Secure Access Service product is now obsolete so the corresponding application driver will be removed from Trust Protection Platform in 20.2. Customers seeking support for integration with the replacement product (Pulse Connect Secure SSL VPN) should contact their Pulse Secure account team about joining the Venafi Technology Partner Network.
WebAdmin Dashboard
Starting in 20.2, The Dashboard available in WebAdmin will no longer be available. The only Dashboards available will be the ones offered in Aperture.
WebAdmin Tree Selection Preference
We are working on a feature that will unify navigation between WebAdmin and Aperture. The top navigation will be the same and allow easy switching between both consoles. Because of this unification - we are evaluating the differences in navigation and some of the WebAdmin preferences are being removed. Most notable would be the preference that allows you to set your default tree on login to WebAdmin.
GeoTrust TrueFlex CA Driver
DigiCert has announced March 30 as the end-of-life for their GeoTrust TrueFlex CA so the corresponding and obsolete driver will be removed from Trust Protection Platform in 20.2. DigiCert is migrating affected customers to CertCentral so they will have already transitioned to our DigiCert CA driver in advance of upgrading to 20.2.
Thawte CA Driver
DigiCert has announced March 30 as the end-of-life for their Thawte CA so the corresponding and obsolete driver will be removed from Trust Protection Platform in 20.2. DigiCert is migrating affected customers to CertCentral so they will have already transitioned to our DigiCert CA driver in advance of upgrading to 20.2.
Venafi Platform 20.3
Aperture User Search Permission
This particular user/group permission will no longer be available. It was only used for controller who had permissions to Inventory -> Identities. However, we plan on making this menu item available to all authenticated users as it is renamed to "My Teams" and moved under the user menu. Because of this change, the permission is no longer needed.
Server Agent AIX 5.3 and 6.1 Support
In order to allow continued updates for Venafi Server Agent on AIX, update in the used toolchain is required. Versions 5.3 and 6.1 of AIX are no longer supported by IBM and an updated toolchain is not available for them. With this release the lowest supported version of AIX will be raised to AIX 7.1 TL 5.
Server Agent TLS 1.1 Support
Server Agents will require TLS 1.2 or newer when connecting to TPP servers. Load balancers used between Server Agents and the TPP servers will need to be updated/reconfigured to not perform protocol downgrade beyond TLS 1.2.
WebSDK Authorization Method involving API keys is only available with a License Key
Starting in 20.3, only customers with a special, temporary license key from Venafi will be able to leverage WebSDK API Keys to authenticate to the WebSDK. Without the license key, both POST Authorize and the WebSDK Permission will not be available.
Venafi Platform 20.4
Eliminate Manual Approval option for DigiCert CA
DigiCert has recommended that we update our driver to take advantage of a new "skip_approval" option which streamlines processing on their side for up to a 30% increase in performance. As a result, Venafi Platform workflow will be the only method for requiring human approval of certificate requests beginning in 20.2.
Palto Alto Network FW and BlueCoat SSLVA drivers will support provisioning of device certificates only
Starting in 20.3 both drivers will be able to provision device certificates only. After upgrading to 20.3 existing Palo Alto Network FW applications will be converted to Basic applications and retain certificate association. All existing BlueCoat SSLVA applications that do not have Device Certificate enabled will be converted to Basic Applications while retaining certificate association. Those BlueCoat SSLVA applications that have Device Certificate enabled will not be converted to Basic ones.
Provisioning certificates in bulk to both application drivers can be accomplished using the Adaptable Bulk Provisioning job.
Server Agent RHEL 5 and CentOS 5 Support
Red Hat Enterprise Linux 5 will reach End of Extended Lifecycle add-on support on 30 Nov 2020. Continued development of the Venafi Server Agent requires contemporary software development toolchains, and we will be discontinuing the support for this version of the operating system.
Venafi Platform 21.1
WebSDK Authorization Method involving API Keys (End-of-Support)
The WebSDK authorization method that involves API keys was formally deprecated in Trust Protection Platform 20.1 and will no longer be available in code beginning in 21.1. The "WebSDk" permission that is available on users and groups will no longer be available. The temporary license key introduced in 20.3 will no longer be available.
Comments
Article updated on June 19, 2018
Article updated on April 7, 2020 - Removed items that were deprecated in 20.1 since 20.1 has shipped. Added Windows Server 2012 R2 to be deprecated. in 20.2 will lower from supported to compatible. In 20.3 we will drop support for Windows 2012 R2 completely for hosting installations of TPP.
Article updated on May 12, 2020 - Some deprecation items were moved from 20.2 to 20.3. Also, more detail was added regarding timeline for deprecating WebSDK API keys now that WebSDK Tokens have been delivered in 20.1