Customer Knowledge Base
Collection of articles providing answers to situations or problems one might encounter when running Venafi Products > Sync'd to the Community
Product Training (Tom Baird)
Zero Touch PKI (ZTPKI) (Cameron Miner)
CodeSign Protect (Cameron Miner)
Documentation
- Info: Palo Alto Network FW Application objects are being changed to Basic App Objects after upgrading
- Venafi not affected by SolarWinds vulnerability
- Info: Venafi Trust Protection Platform 20.x Documentation
- Scanafi 2.2.2 is live!
- How To: Resolve "the certificate is not a valid pfx/pkcs#12 certificate" error when importing a certificate
- How to: Connecting a TPP server to a segmented Workgroup server
Tips and Tricks
Aperture
- How To: Toggle "Create Team" Button
- Issue: Aperture Discovery Targets may be modified or moved after saving.
- Error: Aperture Error screen after upgrade
- How To: Troubleshooting Login slowness
- How to: Create a Custom Report in Aperture
- Info: Updates to Groups and Work functionality (beginning with Trust Protection Platform 17.2)
Venafi VaaS (Cloud) (Zach Zendejas)
- MSCA Fails to Issue a Certificate: Denied by Policy Module
- Requested Validity Period May Not Be Set on Issued Certificate
- How to Submit a Ticket for Venafi as a Service
- How to Upgrade VSatellite Service
- Feature Not Available
- Cannot Pair VSatellite Worker Using A Fully Qualified Domain Name
TPP Troubleshooting
Announcements
- ★ Export license required for certain countries
- ★ How To: Subscribe to Announcements forum
- Info: Venafi Trust Protection Platform V22.2 Is Released
- Info: Venafi Trust Protection Platform V22.1 Is Released
- Info: Venafi Trust Protection Platform 21.2.0 Is Released
- Info: Venafi Trust Protection Platform 19.1.6 Patch Is Released
Core Product
- ★ How to get downloads from Venafi's Download Server
- ★ Info: Supported SSH Ciphers, HMACs, Key Exchanges, and Public Keys
- ★ Info: Venafi Product Life Cycle
- ★ Info: Where can I find Venafi Documentation?
- How To: Assign Azure Environment by Policy Attribute
- Info: API Integration is read-only after upgrading to 22.1
TrustAuthority/TrustForce for TLS
- Error: "The Payment method selected for this request is not currently enabled" at stage 500 with Digicert
- Info: Default ports used for provisioning
- Info: Testing Functionality Of Cyberark Connectivity Outside Of Trust Protection Platform (TPP)
- Info: Truststore provisioning commands and permissions
- New Digicert Symantec SubCA Hierarchy
- How To: Include CN as DNS SAN Automatically
SSH (Aaron Poteat)
- Issue: Digicert Protocol Violation "CR must be followed by LF"
- Error: Agentless SSH Device error "Failed To Connect. Agent or agentless record is already registered for this hostname"
- Issue: Test Connection for Agentless SSH product never completes
- Info: Configuring Privileged Access Management Integration
- Info: Registering custom encryption keys
- Info: Server Agent SSH Discovery Job appears to hang on NIX system
Venafi Agent
- Info: How does Server Agent determine hostname displayed in registered clients?
- Info: Venafi Server Agents rolling release installation
- Info: What is vagentmc.exe?
- Info: Venafi Server Agent Basics and Troubleshooting
- Info: Unofficial List of Agent Error codes and messages
- Info: Agent Certificate Discovery Placement Logic
System Requirements
Security
- Log4J CVE-2021-45105 Vulnerability notice
- Log4j CVE-2021-45046 Vulnerability Notice
- Log4j CVE-2021-44228 Zero-Day Vulnerability notice
- INFO: Rotating Trust Protection Platform's DBO/Operational/AD service account passwords
- Validate Cipher Suites Offered to Servers from Windows
- How To: Enable the use of Legacy Cipher Suites
Enterprise Mobility Protect
- Error: User Portal getting "This page could not be loaded" error after upgrade
- Complete uninstallation of User Agent for macOS
- How To: Pre-configure User Agent for macOS and signing the application bundle
- Error: "Failed to unwrap inner PKCS7" when doing SCEP requests
- How to: Customize Terminology of End User Portal
- Info: Mobile Certificate Manager Basics
Certificate Authorities
- Info: Venafi Impact Of Digicert API Changes October 2022
- Issue: Error when attempting to renew the Entrust CA Certificate Credential's Cert
- "Access denied due to missing_permission_container" Error when Posting CSR to Digicert CA
- Error: "Failed to post CSR with error: The issuing CA is not Valid" at stage 500
- How To: Changing the Enrollment URL for Digicert/Symantec Customers
- Symantec MPKI URL Change