Info: Venafi Trust Protection Platform 16.4 is released

What’s New in Trust Protection Platform 16.4



Certificate File Upload

Aperture users will be able to upload a certificate using a file, copy and paste, and drag and drop.

Object Rename

Aperture users will be able to rename certificates, devices, network discovery jobs, Agent Groups, and custom reports in a uniform way.

Sticky Columns

Certificates, SSH keys, and Agent lists will preserve column selection and order based on your user account. In previous versions, the column selection and order reset every time you reloaded the list. Now those column settings are stored with your user account, so these selections persist from session to session.

Certificate Management

Standardize Certificate Actions

When working with certificates in Trust Protection Platform 16.4 the actions you can take on a certificate have been grouped together in a single Actions button. These same actions are available for individual certificates on the certificate inventory screen as well.


SSH Key HSM Encryption

Support for key material encryption with a custom symmetric key (such as the one stored on HSM).

Encrypted Key Display

Trust Protection Platform displays all encrypted private keys, including ones that have not been matched to public keys in the keyset list.

z/OS Support

SSH agentless discovery and remediation for z/OS devices.

Out-of-sync Violation

New violation showing that keys in a keyset have been discovered after the keyset was rotated and are therefore are out of sync.

Platform drivers

F5 One-Cert-to-Many SSL Profiles

You can now use the new F5 driver option to provision a single certificate to many F5 profiles. For more information, see F5 LTM configuration—overview.

In addition, the Venafi F5 driver now supports F5 version 12.x.

Entrust.NET: reissuance support has been added

You can now submit certificate requests that are outside of the renewal window for reissuance rather than renewal. For more information, see the Allow Reissuance setting in the topic, Configuring the Entrust.NET CA Template object.

Server Agent

Solaris 11 SPARC support

Server Agent support has been added for Solaris 11 SPARC.

Server URL field is no longer required

Because of various issues caused by either modifying or incorrectly entering the Trust Protection Platform server URL, the Server URL field is no longer required.

Effective Rights API

The Permissions API allows you to you determine local and external provider identity rights for managing certificates. For example, you can use a REST API call on a Active Directory (AD) to determine group or individual rights to certificates.

To learn more, see GET Permissions/Object/guid/local or GET Permissions/Object/guid/external.

16.4 Readme Read me file attached

Was this article helpful?
3 out of 3 found this helpful