Device objects represent the physical host on which certificates are installed. This article covers the creation of a Device object and the most commonly used settings. Device objects act as containers for Application Objects.
Venafi Trust Protection Platform (TPP) references the device when it validates and manages specific instances of certificates and keys. Device objects are required to provision certificates and perform onboard validations. You must create a Device object before you can create the associated Application objects.
The steps to create a Device object are:
- Log in to the Web Administration (WebAdmin) console
- Select the Policy tree in the Tree drop-down menu
- In the Policy tree, select the Policy or Device object where you want to create the Device object
- Click Add > Device. The detail view displays the Device object settings
- Define the Device object settings, and then click Apply/Save
Most commonly configured Device object settings:
Hostname/Address: IP address or hostname of the physical server associated with the Device object.
Provisioning Mode: Specify whether provisioning to this device should be done using the Server Agent, or without the agent (called Agentless).
Device Credential: Credential that Trust Protection Platform uses to authenticate with platforms or access keystores on the device. TPP uses the Device Credential only if credentials are not defined in the Application object. If multiple applications are running on a single device and they share the same credentials, you can simplify credential management by defining the required credential only on the Device object.
Temp Directory: Directory where TPP can write temporary files. This setting is more commonly needed with Application drivers that use SSH for connectivity.
Note: For information on creating and configuring Application Objects please see the following article https://support.venafi.com/hc/en-us/articles/215911837.