What's New: Product Capabilities¶
We're adding new capabilities on a regular basis! Check here often for our newest and coolest capabilities.
TIP
Looking for all of the other cool enhancements we've made? Check out our growing list of enhancements and software version updates.
New CA Connector using CA Connector Framework: Sectigo¶
26 November 2024
The CA Connector Framework is a powerful tool that allows developers to write custom connectors for CAs not supported out-of-the-box by TLS Protect Cloud. The new Sectigo connector is a fully-supported CA connector that also serves as an example of how you can connect a CA to TLS Protect Cloud using the TLS Protect Cloud interface. Learn more.
Certificate revocation workflow approval rules¶
1 November 2024
In addition to approval rules for issuance of certificates, TLS Protect Cloud now allows you to create approval rules for certificate revocation requests, allowing administrators to control who can approve or reject revocation requests, ensuring only authorized users can manage certificate revocations. This adds an extra layer of security and oversight to the certificate lifecycle management process. Learn more.
Zero Touch PKI supports certificate revocation¶
20 October 2024
TLS Protect Cloud now supports revocation of certificates issued by Zero Touch PKI. When the certificate was issued by Zero Touch PKI in your TLS Protect Cloud instance, the system automatically pre-selects the CA Account for the revocation request. If the certificate was discovered, you'll need to manually select the CA Account that originally issued the certificate, as only that account can request its revocation. Learn more
Firefly support for custom IdP claims, and the ability to specify minimum TLS support¶
12 July 2024
When creating or editing a configuration for Firefly there are two new options: First, you can specify the minimum version of TLS to allow for Firefly connections. Second, you can now specify custom claim names for integration with identity providers (IdP). Learn more.
Firefly connection to HSM for signing using an HSM-protected key¶
28 June 2024
You can connect an HSM to the Firefly server (or container) to allow Firefly to sign certificates using a private key protected by an HSM. Learn more.
Issue certificates from Lets Protect using a custom DNS provider¶
20 June 2024
ACMEv2 CA accounts can now use custom DNS providers beyond those natively supported by TLS Protect Cloud, allowing you to issue Let's Encrypt certificates using your preferred DNS provider. Learn more.
Venafi Control Plane Operator 1.0.0 released¶
29 May 2024
Venafi Control Plane Operator streamlines deployments of Venafi components for OpenShift by automating installation, maintenance, and upgrades. The Operator is certified by Red Hat and available in the Red Hat Ecosystem catalog.
Key benefits:
- Deployment Packages: Platform operators can effortlessly select and deploy the necessary Venafi components for OpenShift tailored to the needs of their teams.
- Version Compatibility: Each release comes with a set of default component versions, which are tested together, improving user compatibility.
- Version Pinning: Specify precise versions of the Venafi Kubernetes components to ensure consistent deployments across diverse environments.
- Distributed Releases: Effortlessly manage releases across multiple Kubernetes clusters, facilitating complex multi-environment deployments.
- Upgrades: Seamlessly upgrade Venafi components, ensuring a smooth transition between versions.
Enhanced Service Account authentication with Workload Identity Federation¶
14 May 2024
Enhance your security and scalability with our latest Service Account update (Custom API Integration), featuring Workload Identity Federation. This advancement allows machines to securely access Venafi Control Plane APIs without traditional API keys, aligning with modern enterprise authentication policies and providing greater access control through scopes. Designed to support PKI administrators in better serving modern application teams, this update facilitates improved VCert deployment and authentication in mass deployment scenarios, including support for VCert and Terraform provider integrations. Learn more
Provision with Cloudflare¶
30 April 2024
Exciting news! You now have the capability to easily provision certificates and perform machine-based discovery for your Cloudflare connectors. Learn more
Updated Venafi Control Plane UI now available¶
08 April 2024
We've redesigned the Venafi Control Plane UI to streamline your workflow. The new vertical menu structure simplifies navigation and brings efficiency to your certificate management tasks. The modern layout adjusts to your preferences, ensuring a user-friendly experience that enhances productivity. Sign in to Venafi Control Plane and take it for a spin!
Certificate revocation now available for Microsoft AD CS¶
08 April 2024
Announcing the launch of the Certificate Revocation feature, a significant enhancement for administrators using Microsoft Active Directory Certificate Services (AD CS). This new functionality allows for the direct revocation of certificates issued through AD CS, streamlining security responses and certificate management. Whether through the user interface or the API, administrators can now efficiently manage the lifecycle of their certificates with detailed reasons for revocations and immediate insights into revocation statuses. Learn more
Scheduling functionality for Machine Provisioning¶
20 March 2024
Effortlessly run your machine provisioning by enabling the scheduling functionality on your machines. Learn more
Certificate provisioning for Google Cloud Provider¶
26 February 2024
You can now enable TLS Protect Cloud to provision new certificates in Google Cloud Provider (GCP) for use with Google services. Learn more