Venafi Trust Protection Platform 15.4
- Password restrictions for private key downloads (Aperture, WebAdmin and WebSDK), enabled by default
- Modification of certificate setting is prohibited during lifecycle processing stages.
- Detect and reject reuse of private keys in user-provided CSRs (Aperture, WebAdmin and WebSDK), enabled by default
- Better auditing for certificate revocation events - requestor and time of revocation now saved in Secret Store (Aperture, WebAdmin and WebSDK)
- Support for root-owned public key files (for newly added authorized and known host keys) via agent/less (UNIX only)
- Automatic agent folder creation to place keys for new users
- New email macros for use in authentication
- New notification and email templates (ability to notify device owner, where applicable)
- Improved keyset details view (more readable attributes, separate tabs for private/authorized keys, pagination, separation of account, and location information)
Enterprise Mobility (Mobile Certificates)
- User portal assimilated into Client Subsystem
- Support for provisioning of device certificates (using enterprise mobility agent)
- Support for Windows 10
- Authentication update - using new ClientID (in lieu of system attributes that may change).
- Deprecation of "xmode" in lieu of ability to configure CRL checking, certificate chaining and logging agent JSON traffic (in events.sq3 file).
- Debugging enhancements - improved logging, ability to view logs on console.
- Improved visibility - UI filters to identify agents that need attention, Agent-to-device association, ability to calculate and display "effective work".
- Updates to Entitlement reports - (short) username, email columns added, master admin and webSDK users now listed, unified entitlements section
- PDF version of entitlement report has been removed
- Update to License reports - now consistent with TrustAuthority, TrustForce product terminology
- New APIs to search for certificates, retrieve certificate details and certificate counts
- Support for RedHat CA 8.1
- CAPI driver support for SNI (IIS 8.0+)
- F5 driver enhancements (reliability, scale and concurrency)
- Support for BlueCoat SSL visibility appliance 3.86
- Support for Connect:Direct (Windows 4.7, Linux 4.2)