Deprecated Functionality From Venafi Platform

Summary

This article contains a current list of features that have been removed from shipping versions of Trust Protection Platform. Deprecated features are grouped by the release in which they were removed. This document lists deprecations for all supported versions of Trust Protection Platform, since you might be upgrading from any supported version, and you need to review the deprecated features for ALL versions between your source version and your target version.

Applies To:

All versions of Trust Protection Platform.

See Also:

For a list of features that are scheduled for deprecation in upcoming releases, please review the Venafi Knowledge Center article Info: Functionality Scheduled for Deprecation.

Venafi Platform 22.2

WebSDK Authorization Method involving API keys is only available with a License Key 
Only customers with a special, temporary license key from Venafi can use WebSDK API Keys to authenticate to the WebSDK.  Without the license key, both POST Authorize and the WebSDK Permission will not be available.

POST SecretStore/Delete WebSDK Method
POST SecretStore/Delete has been removed.  Instead, you should be using POST SecretStore/OwnerDelete.  SecretStore/Delete does not properly clean-up references to the vault being deleted.  Its usage leads to data being in an inconsistent state.

Imperva MX supports provisioning of device certificates only
The Imperva MX driver is only able to provision device certificates. After upgrading to 22.2, existing Imperva MX applications will be converted to Basic applications and will retain certificate association. Provisioning certificates in bulk to Imperva MX can be accomplished using the Adaptable Bulk Provisioning job.

Venafi Server Agent on HP-UX
We no longer produce new releases of Venafi Server Agent on HP-UX (Itanium). Venafi Platform 22.1 was the last release to include support for that platform.

Venafi Platform 22.1

Pass-through Authentication
Pass-through authentication is deprecated. To configure the Venafi login experience, use SAML support instead. For detailed information on configuring SAML SSO, see our documentation portal or the Venafi Administration Guide

VAM nShield Certificate Installation Driver
Starting in 21.4, application objects that manage certificate installation via VAM nShield will be converted to Basic application objects.

User/About pages
Licensing information about third-party libraries is no longer available on the User Menu/About page.  Third-party information is only available in the product documentation. In future versions of Venafi Platform, information about loaded assemblies and UI plugins will also be removed.  Assembly and plugin information was intended for troubleshooting. Based on usage evaluation, these pages are scheduled for deprecation.

WebAdmin dashboard
Although the WebAdmin dashboard was officially deprecated in 20.2, it was still accessible to customers. In 22.1, the WebAdmin dashboard code was removed from the product.

UniCert CA Driver
This integration saw little to no use.  It has been removed in 22.1. Upgrades are now easier because configuration steps regarding its Windows service configuration have also been removed. 

WebAdmin Login page
In 22.1, there is a single login experience for all technology stacks. The simplified login experience makes the WebAdmin login page no longer necessary. To preserve a similar experience, customers can set a WebAdmin page, such as the Policy Tree, as the default landing page for each product.

Venafi Platform 21.4

End User Portal and User Agent no longer available in Client Protect
As part of our rebranding of the Endpoint Protect product being updated to Client Protect, we are removing features such as the User Agent (sometimes referred to as AJ) and the User Portal.  These are no longer available in the Client Protect product in 21.4 and going forward.

20.1 Code Signing Client must be Upgraded
In 21.4, CodeSign Protect will no longer support the code signing clients from 19.2-20.1. Undocumented REST APIs used by these older client versions have being removed. Prior to upgrading to 21.4 or higher, please upgrade your code signing clients to more recent versions.

Venafi Platform 21.3

Internet Explorer 11 is no longer supported by the Web Consoles
Google Chrome and the chromium version of Edge are now the only supported browsers. Firefox continues to be compatible with the Web Consoles of Trust Protection Platform. Internet Explorer 11 is considered incompatible

Symantec MPKI CA Driver
The Symantec MPKI CA driver is deprecated. Once you upgrade to 21.3.x (or later) any existing Symantec MPKI CA Templates will become unavailable. Certificates using the Symantec MPKI CA driver should be migrated manually to DigiCert CA.

Venafi Platform 21.1

Server Agent no longer supports 32-bit Linux
Due to Red Hat Enterprise Linux 7 (and later releases) and the deprecation of 32-bit operating systems for its product line, Venafi no longer offers the 32-bit version of the Linux Installer and Venafi Update Packages.

Server Agent support for TLS 1.0 , 1.1
As previously announced, the Server Agent no longer supports TLS 1.0 and 1.1 due to vulnerabilities in these protocols. TLS 1.2 is now required.

Venafi Platform 20.4

DigiCert
DigiCert has recommended that we update our driver to take advantage of a new "skip_approval" option which streamlines processing on their side for up to a 30% increase in performance. As a result, Venafi Platform workflow will be the only method for requiring human approval of certificate requests beginning in 20.4.

Venafi Platform 20.3

Aperture User Search Permission
As part of the broader movement to a unified web interface, and in conjunction with the Identities enhancements in 20.3, the Aperture User Search permission (previously found on the user settings page in Aperture) is no longer required. All users will be able to search for other users, so they can work with the new Teams feature.

GeoTrust Reseller CA Driver
The GeoTrust Reseller CA driver is now obsolete and has been removed from Trust Protection Platform. 

IBM DataPower Application Driver XML API 
XML API for IBM DataPower Application Driver has been deprecated. Only the XML part of the API interface is deprecated. The REST APIs are still supported.

Venafi Server Agent support for AIX 5.3 and 6.X platforms
Support for AIX 5.3 and 6.X platforms for Server Agent has been deprecated. This is because IBM discontinued support for these versions in 2016 and 2018, respectively. Server Agent 20.3 now supports 7.1 to enable Venafi to continue delivering updated 3rd party libraries going forward. 

Venafi TrustNet service
As communicated directly to affected customers, the Venafi TrustNet service has been deprecated and the TrustNet endpoint has been disabled.

Windows Server 2012 R2
Support for Windows Server 2012 R2 is deprecated for Trust Protection Platform servers.

Venafi Platform 20.2

End support for SQL 2012 and SQL Server 2014
Venafi Trust Protection Platform no longer supports SQL Server 2012 and SQL Server 2014. SQL Server 2016 SP2 Standard is the new minimum supported version.

A10 Network driver
The A10 Networks AX Series ADC product is now obsolete, so the corresponding application driver in Trust Protection Platform has been removed. This integration has been transitioned to the partner ecosystem where A10 Networks is offering provisioning support for their Thunder ADC products.

Juniper Secure Access Service
The Juniper Secure Access Service product is now obsolete so the corresponding application driver in Trust Protection Platform has been removed. Those seeking support for its replacement product, Pulse Connect Secure SSL VPN, should contact their Pulse Secure account team about joining the Venafi Technology Partner Network.

Default user tree in WebAdmin and dashboard in WebAdmin
As part of the multi-year effort to unify the consoles in Trust Protection Platform, a new unified menu is available in 20.2. Since these features were rarely used, they were removed from the product as part of the re-design.

Thawte CA driver
DigiCert announced an end-of-life date of 30 March 2020 for Thawte CA driver. The corresponding driver, now obsolete, has been removed from Trust Protection Platform. DigiCert is migrating customers to CertCentral. Customers using the old driver should migrate to the DigiCert CA driver.

GeoTrust TrueFlex CA driver
DigiCert announced that 30 March 2020 was the end-of-life for GeoTrust TrueFlex CA. The corresponding driver, now obsolete, has been removed from Trust Protection Platform. DigiCert is migrating customers to CertCentral. Customers using the old driver should migrate to the DigiCert CA driver.