Info: Getting Started with TrustNet – Activate and Configure

Applies To:

Venafi Trust Protection Platform 15.x


The following steps are provided to assist in activating and configuring TrustNet Certificate Reputation Service. Instructions also include information how to download certificates that have been discovered on the internet by TrustNet that are potentially being used to misrepresent your organizations brand with the assigned reputation score.

Additional instructions include specifying additional domains that your organization owns which you may want to gather information from TrustNet about.

Activating TrustNet:

  1. Login to Aperture and navigate to Configuration à TrustNet
  2. Enter operating environment type and email address info

‐          UAT recommended for evaluation purposes

‐          Must be company email

  1. You will receive an email notification requesting verification of activation. Click on the link in the email to approve the activation—you will be redirected to the TrustAuthority UI (Aperture)


  1. From the TrustAuthority UI (Aperture), enable the TrustNet connection by selecting the radio button “On” in the Connection to TrustNet settings
  2. Select information to be shared with TrustNet

‐          It is highly recommended to select raw “certificates and metadata” for All certificates for optimal certificate reputation scoring

  1. Select where to place TrustNet discovered certificates


Downloading Certificates Discovered by TrustNet Internet-wide Visibility

  1. Navigate to TrustAuthority UI (Aperture) Dashboards à Certificates
  2. View the TrustNet widget and highlight anomalies
  3. Navigate to Inventory à Certificates
  4. View certificate reputation, reasons


Specifying Additional Domains That Your Organization Owns for Certificate Reputation Reporting

  1. Navigate to TrustAuthority UI (Aperture) TrustNet
  2. Enter domains to be scanned


NOTE: The Venafi TrustNet Certificate Reputation Security Analyst team will review your request to include additional domains for your organization and confirm that your organization is the owner the requested domain prior to approval.


  1. Once the request to include an additional domain has been review and approved you will received an email notification of approval




  1. The following proxy whitelisting is required between TrustAuthority and TrustNet for successful communication

‐          Whitelist * in proxy


     2. You can also test with this URL


Was this article helpful?
1 out of 1 found this helpful
Have more questions? Submit a request