Customer Knowledge Base

Cert-Manager

• INFO: Cert-Manager and Certificate Policy Values
• HOW TO: Setup A Development Kubernetes/Cert-Manager Environment
• INFO: Install Kubectx and Kubens Powertools for Kubectl

Product Training (Tom Baird)

• Info: Venafi Training Q&A
• Info: In-Person Training Class requirements
• Introduction to Symmetric Keys

Zero Touch PKI (ZTPKI) (Cameron Miner)

• ZTPKI System Status
• Info: ZTPKI API Documentation

CodeSign Protect (Cameron Miner)

• Info: gpg is unresponsive after a signing error; venafiscd has high CPU utilization

Documentation

• Info: Primary Support Engineer (PSE) Brochure
• Info: Palo Alto Network FW Application objects are being changed to Basic App Objects after upgrading
• Venafi not affected by SolarWinds vulnerability
• Info: Venafi Trust Protection Platform 20.x Documentation
• Scanafi 2.2.2 is live!
• How To: Resolve "the certificate is not a valid pfx/pkcs#12 certificate" error when importing a certificate

See all 7 articles

Tips and Tricks

• Info: Kill a hung service
• Issue: Unable to choose "Virtual Servers" after upgrade
• How To: Configure SCEP - Cisco IOS
• Scanafi CLI Error Codes for Troubleshooting.
• How to: Export IIS logs
• Info: Using Regular Expressions for Multiple Emails

Aperture

• How To: Toggle "Create Team" Button
• Issue: Aperture Discovery Targets may be modified or moved after saving.
• Error: Aperture Error screen after upgrade
• How To: Troubleshooting Login slowness
• How to: Create a Custom Report in Aperture
• Info: Updates to Groups and Work functionality (beginning with Trust Protection Platform 17.2)

See all 7 articles

TLS Protect Cloud (VaaS)

• Discovery Scans - Recommendations & Guidelines
• VSatellite Frequently Asked Questions
• MSCA Fails to Issue a Certificate: Denied by Policy Module
• Requested Validity Period May Not Be Set on Issued Certificate
• How to Submit a Ticket for Venafi as a Service
• How to Upgrade VSatellite Service

See all 16 articles

TPP Troubleshooting

• Can I use a macro in a custom field?
• Failed to Load PKCS11 Keystorage Driver
• Issue: HTTP 405 Error: "Method Not Allowed" when making the /vedauth/authorize/oauth API call
• Error connecting to the Log Server
• Issue: Uninstalling Venafi Trust Protection Platform fails via Control Panel
• Error during upgrade: Failed to add the Private Key to the SecretStore Vault (Store Result: Failed to load engine 'DPAPI'.)

See all 9 articles

Announcements

• ★ Export license required for certain countries
• ★ How To: Subscribe to Announcements forum
• ACTION REQUIRED: Changes required immediately for DigCert standard (non-EV) Code Signing certificate issuance
• Info: Venafi Trust Protection Platform V23.1 Is Released
• Info: Venafi Trust Protection Platform V22.4 Is Released
• Info: Venafi Trust Protection Platform V22.3 Is Released

See all 73 articles

Core Product

• ★ Info: Venafi Product Life Cycle
• ★ Info: Where can I find Venafi Documentation?
• Why does Venafi require Multiplexing for SSH connections? and other Related Questions
• Info: MSCA Pool CSR does not include SAN entries
• How To: Assign Azure Environment by Policy Attribute
• Info: API Integration is read-only after upgrading to 22.1

See all 355 articles

TrustAuthority/TrustForce for TLS

• Error: "The Payment method selected for this request is not currently enabled" at stage 500 with Digicert
• Info: Default ports used for provisioning
• Info: Testing Functionality Of Cyberark Connectivity Outside Of Trust Protection Platform (TPP)
• Info: Truststore provisioning commands and permissions
• Info: Emails are not sent after creating a new certificate expiration notification rule
• Info: About Using Sudo

See all 159 articles

SSH (Aaron Poteat)

• Issue: Digicert Protocol Violation "CR must be followed by LF"
• Error: Agentless SSH Device error "Failed To Connect. Agent or agentless record is already registered for this hostname"
• Issue: Test Connection for Agentless SSH product never completes
• Info: Configuring Privileged Access Management Integration
• Info: Registering custom encryption keys
• Info: Server Agent SSH Discovery Job appears to hang on NIX system

See all 15 articles

Venafi Agent

• Info: How does Server Agent determine hostname displayed in registered clients?
• Info: Venafi Server Agents rolling release installation
• Info: What is vagentmc.exe?
• Info: Venafi Server Agent Basics and Troubleshooting
• Info: Unofficial List of Agent Error codes and messages
• Info: Agent Certificate Discovery Placement Logic

See all 43 articles

System Requirements

• Info: Venafi TPP can be installed in physical or virtual environments

Security

• Venafi Product Security Advisory - OpenSSL Critical Vulnerability Disclosure
• Log4J CVE-2021-45105 Vulnerability notice
• Log4j CVE-2021-45046 Vulnerability Notice
• Log4j CVE-2021-44228 Zero-Day Vulnerability notice
• INFO: Rotating Trust Protection Platform's DBO/Operational/AD service account passwords
• Validate Cipher Suites Offered to Servers from Windows

See all 17 articles

Enterprise Mobility Protect

• Error: User Portal getting "This page could not be loaded" error after upgrade
• Complete uninstallation of User Agent for macOS
• How To: Pre-configure User Agent for macOS and signing the application bundle
• Error: "Failed to unwrap inner PKCS7" when doing SCEP requests
• How to: Customize Terminology of End User Portal
• Info: Mobile Certificate Manager Basics

Certificate Authorities

• Revoked Certificates still appear in Expiration Notifications
• Issue: Adaptable Digicert Import Script Slow/Pausing
• Info: Venafi Impact Of Digicert API Changes October 2022
• Issue: Error when attempting to renew the Entrust CA Certificate Credential's Cert
• "Access denied due to missing_permission_container" Error when Posting CSR to Digicert CA
• Error: "Failed to post CSR with error: The issuing CA is not Valid" at stage 500

See all 76 articles

Patches

• Info: Venafi Trust Protection Platform 17.4.3 Patch is Released

Venafi API and Scripting

• Info: Venafi MMC Wcf Host