16.4.2 includes fixes to address the Trust Protection Platform ( TPP ) server. NOTE: This patch contains a database script (RefreshConfigObjectChildRels.sql) that MUST be run on your Database server by an Database Administrator. To successfully install this script:
- Ensure all TPP services are stopped on all TPP servers reference the Database server.
- Install the 16.4.2 patch on all servers, which will install a copy of the necessary script file to your TPP server's file system.
- Copy the attached script file .\Venafi\Scripts\RefreshConfigObjectChildRels.sql to your MSSQL Server.
- As the Database Administrator, run this script, which will create a new Stored Procedure and related data types in the TPP database environment.
- Restart TPP services on all previously stopped servers
- This script only applies to Microsoft SQL server.
- The "RefreshConfigObjectChildRels.sql" script is called "mssql_update_16.4_to_16.4.4" for patches 16.4.4 and above.
Fixes contained in this patch:
- Auto-renewal certificates were issued and deployed to app twice (VEN-31349)
- Enrolling a DSA CSR causes the enrollment to hang at stage 0 and causes 100% CPU utilization on SQL server (VEN-31805, @24663)
- Adding user permissions to an object is logged incorrectly (VEN-31981, @24697)
- Reports do not get run everytime from Custom Reporting page: Certificate Type (VEN-31982, @24837)
- Download limit reached returns 400 error display page (VEN-31984, @23013)
- 500 error encountered when downloading discovery results (VEN-32107, @23893)
- Symantec MPKI Private Server Credits are reset to 0 after save (VEN-32121, @22837)
- Log Processing Hanging waiting for DB Thread (VEN-32138, @24481)
- Processing and UIs stop working when large numbers of objects are being moved/renamed (VEN-32201, @23489)
- Excluding keys from search using Exclude paths makes TPP think they are gone (VEN-32215)
- Object reference not set error on SSH discovery when tty request is rejected by host (VEN-32222, @23370)
- Getting error during F5 provisioning "Config Sync failed with error: The local device was not found" (VEN-32293,@13836)
- Certificate-name may be too long for chain certs provisioned to Palo Alto devices (VEN-32310, @24780)
- API will crash if specific request is sent. (VEN-32324, @24672)
- Keys are marked for revival when custom search path contains keys that were previously discovered (VEN-32630)
- Unlimited Allowed Download count not applicable for userportal/certificaterequest (VEN-32642, @23013)