Customer Knowledge Base
Collection of articles providing answers to situations or problems one might encounter when running Venafi Products > Sync'd to the Community
Cert-Manager
Product Training (Tom Baird)
Zero Touch PKI (ZTPKI) (Cameron Miner)
CodeSign Protect (Cameron Miner)
Documentation
- Info: Primary Support Engineer (PSE) Brochure
- Info: Palo Alto Network FW Application objects are being changed to Basic App Objects after upgrading
- Venafi not affected by SolarWinds vulnerability
- Info: Venafi Trust Protection Platform 20.x Documentation
- Scanafi 2.2.2 is live!
- How To: Resolve "the certificate is not a valid pfx/pkcs#12 certificate" error when importing a certificate
Tips and Tricks
Aperture
- How To: Toggle "Create Team" Button
- Issue: Aperture Discovery Targets may be modified or moved after saving.
- Error: Aperture Error screen after upgrade
- How To: Troubleshooting Login slowness
- How to: Create a Custom Report in Aperture
- Info: Updates to Groups and Work functionality (beginning with Trust Protection Platform 17.2)
TLS Protect Cloud (VaaS)
- Discovery Scans - Recommendations & Guidelines
- VSatellite Frequently Asked Questions
- MSCA Fails to Issue a Certificate: Denied by Policy Module
- Requested Validity Period May Not Be Set on Issued Certificate
- How to Submit a Ticket for Venafi as a Service
- How to Upgrade VSatellite Service
TPP Troubleshooting
- Can I use a macro in a custom field?
- Failed to Load PKCS11 Keystorage Driver
- Issue: HTTP 405 Error: "Method Not Allowed" when making the /vedauth/authorize/oauth API call
- Error connecting to the Log Server
- Issue: Uninstalling Venafi Trust Protection Platform fails via Control Panel
- Error during upgrade: Failed to add the Private Key to the SecretStore Vault (Store Result: Failed to load engine 'DPAPI'.)
Announcements
- ★ Export license required for certain countries
- ★ How To: Subscribe to Announcements forum
- ACTION REQUIRED: Changes required immediately for DigCert standard (non-EV) Code Signing certificate issuance
- Info: Venafi Trust Protection Platform V23.1 Is Released
- Info: Venafi Trust Protection Platform V22.4 Is Released
- Info: Venafi Trust Protection Platform V22.3 Is Released
Core Product
- ★ Info: Venafi Product Life Cycle
- ★ Info: Where can I find Venafi Documentation?
- Why does Venafi require Multiplexing for SSH connections? and other Related Questions
- Info: MSCA Pool CSR does not include SAN entries
- How To: Assign Azure Environment by Policy Attribute
- Info: API Integration is read-only after upgrading to 22.1
TrustAuthority/TrustForce for TLS
- Error: "The Payment method selected for this request is not currently enabled" at stage 500 with Digicert
- Info: Default ports used for provisioning
- Info: Testing Functionality Of Cyberark Connectivity Outside Of Trust Protection Platform (TPP)
- Info: Truststore provisioning commands and permissions
- Info: Emails are not sent after creating a new certificate expiration notification rule
- Info: About Using Sudo
SSH (Aaron Poteat)
- Issue: Digicert Protocol Violation "CR must be followed by LF"
- Error: Agentless SSH Device error "Failed To Connect. Agent or agentless record is already registered for this hostname"
- Issue: Test Connection for Agentless SSH product never completes
- Info: Configuring Privileged Access Management Integration
- Info: Registering custom encryption keys
- Info: Server Agent SSH Discovery Job appears to hang on NIX system
Venafi Agent
- Info: How does Server Agent determine hostname displayed in registered clients?
- Info: Venafi Server Agents rolling release installation
- Info: What is vagentmc.exe?
- Info: Venafi Server Agent Basics and Troubleshooting
- Info: Unofficial List of Agent Error codes and messages
- Info: Agent Certificate Discovery Placement Logic
System Requirements
Security
- Venafi Product Security Advisory - OpenSSL Critical Vulnerability Disclosure
- Log4J CVE-2021-45105 Vulnerability notice
- Log4j CVE-2021-45046 Vulnerability Notice
- Log4j CVE-2021-44228 Zero-Day Vulnerability notice
- INFO: Rotating Trust Protection Platform's DBO/Operational/AD service account passwords
- Validate Cipher Suites Offered to Servers from Windows
Enterprise Mobility Protect
- Error: User Portal getting "This page could not be loaded" error after upgrade
- Complete uninstallation of User Agent for macOS
- How To: Pre-configure User Agent for macOS and signing the application bundle
- Error: "Failed to unwrap inner PKCS7" when doing SCEP requests
- How to: Customize Terminology of End User Portal
- Info: Mobile Certificate Manager Basics
Certificate Authorities
- Revoked Certificates still appear in Expiration Notifications
- Issue: Adaptable Digicert Import Script Slow/Pausing
- Info: Venafi Impact Of Digicert API Changes October 2022
- Issue: Error when attempting to renew the Entrust CA Certificate Credential's Cert
- "Access denied due to missing_permission_container" Error when Posting CSR to Digicert CA
- Error: "Failed to post CSR with error: The issuing CA is not Valid" at stage 500