How to decommission a Trust Protection Platform server

When you decommission a server, it no longer manages keys and certificates via Trust Protection Platform.

To decommission a server:

  1. Uninstall the Trust Protection Platform software from the server you are about to decommission.

  2. On a currently running server, do the following: 

    • Get the engine name from the Platforms tree and then call POST Platform/Delete.

    • (Optional) Delete the VOC Certificate object of the decommissioned server. Get the name from the Encryption tree, and then call DELETE Certificates/{guid}. For example:

      Where to find the VOC certificate 

      POST https://tpp.venafi.example/vedsdk/Certificates/Delete/{98a69b34-7278-42c6-b9c1-c5e600be12f0} 
Authorization:Bearer 4MyGeneratedBearerTknz==

    • (Optional) Delete the Log server object for the decommissioned server. Get the Log server name from the Logging tree, and then call POST Config/Delete. For example:

      Where to find the Log server 

      POST https://tpp.venafi.example/vedsdk/Config/Delete 
Authorization:Bearer 4MyGeneratedBearerTknz==
{
   "ObjectDN":"\\VED\\Policy\\Venafi Operational Certificate\\venafi.example.com"
}