Occasionally, we remove functionality from Trust Protection Platform to stay current with emerging technologies and to serve the changing needs of our customers. Some of the more common reasons for deprecating features include the following:
- Minimal use of a feature by the majority of our customers
- Technologies that have become obsolete
- Features that have become too expensive to maintain
- Changes in our technology road map
- Important security enhancements to Trust Protection Platform
For a list of features that have been deprecated prior to the current release, visit:
Scheduled Feature Deprecations
Although planned feature deprecations are subject to change, the following list indicates which features are planned for removal from upcoming releases of Trust Protection Platform:
Venafi Platform 22.1
VAM nShield Certificate Installation Driver Deprecation
Starting in 21.4, application objects for VAM nShield Certificate Installation instances will be converted to basic application objects.
With the release of SAML support, we plan on deprecating the support for pass-through authentication. Before SAML was introduced, Pass-through authentication is the mechanism that was used to integrate with Oracle Identity and Access Manager (IAM). If you are using IAM with the Venafi Trust Protection Platform, please update your configuration to leverage SAML prior to upgrading to 22.1 or higher.
UniCert CA Driver Deprecation
Due to lack of usage and security concerns with the architecture of the driver, support for UniCert CA will no longer be natively available in TLS Protect of the Trust Protection Platform starting in 22.1.
Removal of three detail screens from the About section of the Web Console
Starting in 22.1, the following three screens will be removed from the Web Console About section:
- Loaded API Assemblies (Scheduled for 22.4)
- Loaded UI Plugins (Scheduled for 22.4)
- Third Party UI Libraries (Scheduled for 22.1)
These screens were originally included to aid in troubleshooting of problems related to the Web Console, but instead were rarely, if ever, used.
Server Agent iPlanet BerkelyDB keystore format discovery
Starting 22.1 the Server Agent will drop the capability to discover iPlanet keystores in the BerkelyDB format. The Server Agent will continue to be able to discovery iPlanet keystores in the SQLite (NSS) format.
Venafi Platform 22.2
WebSDK Authorization Method involving API keys is only available with a License Key
Starting in 22.2, only customers with a special, temporary license key from Venafi will be able to leverage WebSDK API Keys to authenticate to the WebSDK. Without the license key, both POST Authorize and the WebSDK Permission will not be available.
POST SecretStore/Delete WebSDK Method
POST SecretStore/Delete will be removed in 22.2. Instead, you should be using
POST SecretStore/OwnerDelete. SecretStore/Delete does not properly clean-up references to the vault being deleted. It's usage leads to data being in an inconsistent state.
Imperva MX will support provisioning of device certificates only
Starting in 22.2 Imperva MX driver will be able to provision device certificates only. After upgrading to 22.2 existing Imperva MX applications will be converted to Basic applications and retain certificate association. Provisioning certificates in bulk to Imperva MX can be accomplished using the Adaptable Bulk Provisioning job.
Venafi Server Agent on HP-UX
We intend to stop producing new releases of Venafi Server Agent on HP-UX (Itanium) with the 22.2 release, making the 22.1 release the the last to include support for the platform.
Venafi Platform 22.3
WebSDK Authorization Method involving API Keys (End-of-Support)
The WebSDK authorization method that involves API keys was formally deprecated in Trust Protection Platform 20.2 and will no longer be available in code beginning in 22.3. The "WebSDk" permission that is available on users and groups will no longer be available. The temporary license key introduced in 22.2 will no longer be available.