Info: Venafi Trust Protection Platform 15.4 is released


Venafi Trust Protection Platform 15.4

What's New


SSL/TLS certificates


- Password restrictions for private key downloads (Aperture, WebAdmin and WebSDK), enabled by default

- Modification of certificate setting is prohibited during lifecycle processing stages.

- Detect and reject reuse of private keys in user-provided CSRs (Aperture, WebAdmin and WebSDK), enabled by default

- Better auditing for certificate revocation events - requestor and time of revocation now saved in Secret Store (Aperture, WebAdmin and WebSDK)

SSH Keys


- Support for root-owned public key files (for newly added authorized and known host keys) via agent/less (UNIX only)

- Automatic agent folder creation to place keys for new users

- New email macros for use in authentication

- New notification and email templates (ability to notify device owner, where applicable)

- Improved keyset details view (more readable attributes, separate tabs for private/authorized keys, pagination, separation of account, and location information)

Enterprise Mobility (Mobile Certificates)


- User portal assimilated into Client Subsystem

- Support for provisioning of device certificates (using enterprise mobility agent)

- Support for Windows 10



- Authentication update - using new ClientID (in lieu of system attributes that may change).

- Deprecation of "xmode" in lieu of ability to configure CRL checking, certificate chaining and logging agent JSON traffic (in events.sq3 file).

- Debugging enhancements - improved logging, ability to view logs on console.

- Improved visibility - UI filters to identify agents that need attention, Agent-to-device association, ability to calculate and display "effective work".



- Updates to Entitlement reports - (short) username, email columns added, master admin and webSDK users now listed, unified entitlements section

- PDF version of entitlement report has been removed

- Update to License reports - now consistent with TrustAuthority, TrustForce product terminology



- New APIs to search for certificates, retrieve certificate details and certificate counts



- Support for RedHat CA 8.1

- CAPI driver support for SNI (IIS 8.0+)

- F5 driver enhancements (reliability, scale and concurrency)

- Support for BlueCoat SSL visibility appliance 3.86

- Support for Connect:Direct (Windows 4.7, Linux 4.2)


Was this article helpful?
1 out of 1 found this helpful