How to: Apply a Venafi Patch

Installing Updates

Venafi will occasionally release patches during a product’s lifecycle to address defects and/or security vulnerabilities. For critical patches, Venafi Customer Support will provide notifications to customers of an available update / patch.

These updates are not to be confused with product upgrades, which often introduce new features in addition to bug fixes. Product upgrades require additional processes, and are typically documented with the installation files. An overview of a typical upgrade process is also included within this document.


In order to successfully apply a patch you need:

- Local Administrator privileges on the Venafi Server

- A Venafi Local Master Admin account

- If using Windows Authentication against the database, Read / Write permissions against the Venafi database for the current logged on user

Downloading Update Packages

To download the Venafi software packages and updates, please use with the Venafi account login credentials. Customer Support ( can provide assistance with login credentials if needed.  Updates are distributed as "VUPKG" or (more commonly as) "ZIP files" are typically found within the specific product version on the FTP site.

Venafi will only keep the latest patch for each supported version, all our patches are cumulative.

If you cannot see your version, and the version is still under support, check the Current for current release, and Previous folder for previous releases.

As an example, the latest patch for Trust Protection Platform 18.2 is available at:

\Trust Protection Platform\Previous\18.2.x\ where x is the latest version



Once the update packages (vupkg) files are downloaded, they should be moved to the [Venafi Install Location]\Packages directory on the server to be updated.

If the update comes as a ZIP file, unzip, and copy the "VUPKG" files.


Backing up your Venafi Database

It is suggested that before apply any patch in production, that you ensure that you have a recent backup of your database.  In worse case scenarios, this backup can be used to fall back from a failed upgrade.

Performing Update

Most updates require that the Venafi services are stopped before performing the update.

To perform the update, launch DirectorUpdater.exe with Administrative privileges. (i.e. Right-Click and Run As Administrator)


Venafi Updater will show the list of patches from the Venafi\Packages folder which are available for install. Release notes are displayed in the bottom window.

Highlight the desired package, and click "Install".

If it is the first time you run the patch, tick the "Update the schema using the following Master Administrator credentials" option, enter your Venafi local master admin account details, and click "Ok".

Successful installation of the patch will remove the patch from the list.

This process needs to be repeated on each Venafi Platform server.

If you get an Error

It is common to get an error such as: 

"The process cannot access the file {File Specified} because it is being used by another process.Error encountered during installation; rolling back install actions"

If you get this error, please stop IIS and make sure that the Windows Administration Console is closed down for all users logged onto the machine.  Make sure to restart IIS after the patch successfully installs


Related Articles

How To: Check Current Director Version And Installed Patches

How To: Uninstall Venafi Patch

How To: Reapply a patch for Trust Protection Platform

Was this article helpful?
2 out of 2 found this helpful
Have more questions? Submit a request