Server Agent prerequisites

Before installing the Server Agent, review the prerequisites for all computers where you plan to install it.

• (Conditional) When enabling and configuring SSH work, you must have a working installation of SSH (e.g. OpenSSH, Tectia) installed and enabled for SSH operations.

• Supported operating systems and versions in place: Before installing the agent, identify which types of operating systems and versions are installed on the systems where you plan to deploy the agent. Ensure that the target systems are supported.

  There is a different agent install package for each operating system type that is supported by the agent. For a list of supported Server Agent operating systems, see Supported operating systems and hardware for use with the Server Agent.

• (Recommended) You should use a CA-issued certificate as the Trust Protection Platform server certificate—also referred to as the Venafi Operational Certificate (VOC). When using this recommended method, make sure that you do the following:

  • You must import the root and intermediate CA certificates into Trust Protection Platform with the Clients should trust these issuers when reporting home setting enabled. Prior to initial registration of the agent, you can find this setting in TLS Protect under Clients > Agent Registration Settings. For more information, see Configuring Server Agent registration.
  • Make sure that Intermediate CA and Trust Protection Platform certificates contain a CRL distribution point (CDP) extension with valid CDP addresses that are reachable by all agents via HTTP (other CDP access protocols, such as LDAP, are not supported at this time).
  • Finally, make sure that CRLs on CDPs are valid, and that intermediate CA and server certificates have not been revoked.

Related Topics