Customer Knowledge Base

Cert-Manager

• INFO: Cert-Manager and Certificate Policy Values
• HOW TO: Setup A Development Kubernetes/Cert-Manager Environment
• INFO: Install Kubectx and Kubens Powertools for Kubectl

Product Training (Tom Baird)

• Info: Venafi Training Q&A
• Info: In-Person Training Class requirements
• Introduction to Symmetric Keys

Zero Touch PKI (ZTPKI) (Cameron Miner)

• Info: ZTPKI API Documentation

CodeSign Protect (Cameron Miner)

• Info: gpg is unresponsive after a signing error; venafiscd has high CPU utilization

Documentation

• Info: Primary Support Engineer (PSE) Brochure
• Info: Palo Alto Network FW Application objects are being changed to Basic App Objects after upgrading
• Venafi not affected by SolarWinds vulnerability
• Info: Venafi Trust Protection Platform 20.x Documentation
• Scanafi 2.2.2 is live!
• How To: Resolve "the certificate is not a valid pfx/pkcs#12 certificate" error when importing a certificate

See all 7 articles

Tips and Tricks

• Issue: Unable to choose "Virtual Servers" after upgrade
• How To: Configure SCEP - Cisco IOS
• Scanafi CLI Error Codes for Troubleshooting.
• How to: Export IIS logs
• Info: Using Regular Expressions for Multiple Emails

Aperture

• How To: Toggle "Create Team" Button
• Issue: Aperture Discovery Targets may be modified or moved after saving.
• Error: Aperture Error screen after upgrade
• How To: Troubleshooting Login slowness
• How to: Create a Custom Report in Aperture
• Info: Updates to Groups and Work functionality (beginning with Trust Protection Platform 17.2)

See all 7 articles

Venafi VaaS (Cloud) (Zach Zendejas)

• Discovery Scans - Recommendations & Guidelines
• VSatellite Frequently Asked Questions
• MSCA Fails to Issue a Certificate: Denied by Policy Module
• Requested Validity Period May Not Be Set on Issued Certificate
• How to Submit a Ticket for Venafi as a Service
• How to Upgrade VSatellite Service

See all 16 articles

TPP Troubleshooting

• Issue: Uninstalling Venafi Trust Protection Platform fails via Control Panel
• Error during upgrade: Failed to add the Private Key to the SecretStore Vault (Store Result: Failed to load engine 'DPAPI'.)
• AWS South Africa (Cape Town) Region Does Not Appear in AWS Application
• Error: Entrust Renewal Status: 400 Errors: Error { Message: The required property 'password' is missing}

Announcements

• ★ Export license required for certain countries
• ★ How To: Subscribe to Announcements forum
• Info: Venafi Trust Protection Platform V22.3 Is Released
• Info: Venafi Trust Protection Platform V22.2 Is Released
• Info: Venafi Trust Protection Platform V22.1 Is Released
• Info: Venafi Trust Protection Platform 21.2.0 Is Released

See all 70 articles

Core Product

• ★ How to get downloads from Venafi's Download Server
• ★ Info: Supported SSH Ciphers, HMACs, Key Exchanges, and Public Keys
• ★ Info: Venafi Product Life Cycle
• ★ Info: Where can I find Venafi Documentation?
• Why does Venafi require Multiplexing for SSH connections? and other Related Questions
• How To: Assign Azure Environment by Policy Attribute

See all 355 articles

TrustAuthority/TrustForce for TLS

• Error: "The Payment method selected for this request is not currently enabled" at stage 500 with Digicert
• Info: Default ports used for provisioning
• Info: Testing Functionality Of Cyberark Connectivity Outside Of Trust Protection Platform (TPP)
• Info: Truststore provisioning commands and permissions
• Info: About Using Sudo
• How To: TPP Onboard Discovery of F5 Certificates using Remote Authentication

See all 158 articles

SSH (Aaron Poteat)

• Issue: Digicert Protocol Violation "CR must be followed by LF"
• Error: Agentless SSH Device error "Failed To Connect. Agent or agentless record is already registered for this hostname"
• Issue: Test Connection for Agentless SSH product never completes
• Info: Configuring Privileged Access Management Integration
• Info: Registering custom encryption keys
• Info: Server Agent SSH Discovery Job appears to hang on NIX system

See all 15 articles

Venafi Agent

• Info: How does Server Agent determine hostname displayed in registered clients?
• Info: Venafi Server Agents rolling release installation
• Info: What is vagentmc.exe?
• Info: Venafi Server Agent Basics and Troubleshooting
• Info: Unofficial List of Agent Error codes and messages
• Info: Agent Certificate Discovery Placement Logic

See all 43 articles

System Requirements

• Info: Venafi TPP can be installed in physical or virtual environments

Security

• Venafi Product Security Advisory - OpenSSL Critical Vulnerability Disclosure
• Log4J CVE-2021-45105 Vulnerability notice
• Log4j CVE-2021-45046 Vulnerability Notice
• Log4j CVE-2021-44228 Zero-Day Vulnerability notice
• INFO: Rotating Trust Protection Platform's DBO/Operational/AD service account passwords
• Validate Cipher Suites Offered to Servers from Windows

See all 17 articles

Enterprise Mobility Protect

• Error: User Portal getting "This page could not be loaded" error after upgrade
• Complete uninstallation of User Agent for macOS
• How To: Pre-configure User Agent for macOS and signing the application bundle
• Error: "Failed to unwrap inner PKCS7" when doing SCEP requests
• How to: Customize Terminology of End User Portal
• Info: Mobile Certificate Manager Basics

Certificate Authorities

• Issue: Adaptable Digicert Import Script Slow/Pausing
• Info: Venafi Impact Of Digicert API Changes October 2022
• Issue: Error when attempting to renew the Entrust CA Certificate Credential's Cert
• "Access denied due to missing_permission_container" Error when Posting CSR to Digicert CA
• Error: "Failed to post CSR with error: The issuing CA is not Valid" at stage 500
• How To: Changing the Enrollment URL for Digicert/Symantec Customers

See all 75 articles

Patches

• ★ Info: Venafi Trust Protection Platform Patch Install Procedure
• Info: Venafi Trust Protection Platform 17.4.3 Patch is Released

Venafi API and Scripting

• Info: Venafi MMC Wcf Host