What’s New in Trust Protection Platform 16.4
Aperture
Certificate File Upload
Aperture users will be able to upload a certificate using a file, copy and paste, and drag and drop.
Object Rename
Aperture users will be able to rename certificates, devices, network discovery jobs, Agent Groups, and custom reports in a uniform way.
Sticky Columns
Certificates, SSH keys, and Agent lists will preserve column selection and order based on your user account. In previous versions, the column selection and order reset every time you reloaded the list. Now those column settings are stored with your user account, so these selections persist from session to session.
Certificate Management
Standardize Certificate Actions
When working with certificates in Trust Protection Platform 16.4 the actions you can take on a certificate have been grouped together in a single Actions button. These same actions are available for individual certificates on the certificate inventory screen as well.
SSH
SSH Key HSM Encryption
Support for key material encryption with a custom symmetric key (such as the one stored on HSM).
Encrypted Key Display
Trust Protection Platform displays all encrypted private keys, including ones that have not been matched to public keys in the keyset list.
z/OS Support
SSH agentless discovery and remediation for z/OS devices.
Out-of-sync Violation
New violation showing that keys in a keyset have been discovered after the keyset was rotated and are therefore are out of sync.
Platform drivers
F5 One-Cert-to-Many SSL Profiles
You can now use the new F5 driver option to provision a single certificate to many F5 profiles. For more information, see F5 LTM configuration—overview.
In addition, the Venafi F5 driver now supports F5 version 12.x.
Entrust.NET: reissuance support has been added
You can now submit certificate requests that are outside of the renewal window for reissuance rather than renewal. For more information, see the Allow Reissuance setting in the topic, Configuring the Entrust.NET CA Template object.
Server Agent
Solaris 11 SPARC support
Server Agent support has been added for Solaris 11 SPARC.
Server URL field is no longer required
Because of various issues caused by either modifying or incorrectly entering the Trust Protection Platform server URL, the Server URL field is no longer required.
Effective Rights API
The Permissions API allows you to you determine local and external provider identity rights for managing certificates. For example, you can use a REST API call on a Active Directory (AD) to determine group or individual rights to certificates.
To learn more, see GET Permissions/Object/guid/local or GET Permissions/Object/guid/external.
16.4 Readme Read me file attached
Comments