Skip to content

What's New: Product Capabilities

We're adding new capabilities on a regular basis! Check here often for our newest and coolest capabilities.

TIP

Looking for all of the other cool enhancements we've made? Check out our growing list of enhancements and software version updates.

New CA Connector using CA Connector Framework: Sectigo

26 November 2024

The CA Connector Framework is a powerful tool that allows developers to write custom connectors for CAs not supported out-of-the-box by TLS Protect Cloud. The new Sectigo connector is a fully-supported CA connector that also serves as an example of how you can connect a CA to TLS Protect Cloud using the TLS Protect Cloud interface. Learn more.

Certificate revocation workflow approval rules

1 November 2024

In addition to approval rules for issuance of certificates, TLS Protect Cloud now allows you to create approval rules for certificate revocation requests, allowing administrators to control who can approve or reject revocation requests, ensuring only authorized users can manage certificate revocations. This adds an extra layer of security and oversight to the certificate lifecycle management process. Learn more.

Zero Touch PKI supports certificate revocation

20 October 2024

TLS Protect Cloud now supports revocation of certificates issued by Zero Touch PKI. When the certificate was issued by Zero Touch PKI in your TLS Protect Cloud instance, the system automatically pre-selects the CA Account for the revocation request. If the certificate was discovered, you'll need to manually select the CA Account that originally issued the certificate, as only that account can request its revocation. Learn more

Firefly support for custom IdP claims, and the ability to specify minimum TLS support

12 July 2024

When creating or editing a configuration for Firefly there are two new options: First, you can specify the minimum version of TLS to allow for Firefly connections. Second, you can now specify custom claim names for integration with identity providers (IdP). Learn more.

Firefly connection to HSM for signing using an HSM-protected key

28 June 2024

You can connect an HSM to the Firefly server (or container) to allow Firefly to sign certificates using a private key protected by an HSM. Learn more.

Firefly-to-HSM configuration

Issue certificates from Lets Protect using a custom DNS provider

20 June 2024

ACMEv2 CA accounts can now use custom DNS providers beyond those natively supported by TLS Protect Cloud, allowing you to issue Let's Encrypt certificates using your preferred DNS provider. Learn more.

Venafi Control Plane Operator 1.0.0 released

29 May 2024

Venafi Control Plane Operator streamlines deployments of Venafi components for OpenShift by automating installation, maintenance, and upgrades. The Operator is certified by Red Hat and available in the Red Hat Ecosystem catalog.

Venafi Control Plane Operator

Key benefits:

  • Deployment Packages: Platform operators can effortlessly select and deploy the necessary Venafi components for OpenShift tailored to the needs of their teams.
  • Version Compatibility: Each release comes with a set of default component versions, which are tested together, improving user compatibility.
  • Version Pinning: Specify precise versions of the Venafi Kubernetes components to ensure consistent deployments across diverse environments.
  • Distributed Releases: Effortlessly manage releases across multiple Kubernetes clusters, facilitating complex multi-environment deployments.
  • Upgrades: Seamlessly upgrade Venafi components, ensuring a smooth transition between versions.

Learn more

Enhanced Service Account authentication with Workload Identity Federation

14 May 2024

Enhance your security and scalability with our latest Service Account update (Custom API Integration), featuring Workload Identity Federation. This advancement allows machines to securely access Venafi Control Plane APIs without traditional API keys, aligning with modern enterprise authentication policies and providing greater access control through scopes. Designed to support PKI administrators in better serving modern application teams, this update facilitates improved VCert deployment and authentication in mass deployment scenarios, including support for VCert and Terraform provider integrations. Learn more

New service account type supporing workload identity federation

Provision with Cloudflare

30 April 2024

Exciting news! You now have the capability to easily provision certificates and perform machine-based discovery for your Cloudflare connectors. Learn more

Updated Venafi Control Plane UI now available

08 April 2024

We've redesigned the Venafi Control Plane UI to streamline your workflow. The new vertical menu structure simplifies navigation and brings efficiency to your certificate management tasks. The modern layout adjusts to your preferences, ensuring a user-friendly experience that enhances productivity. Sign in to Venafi Control Plane and take it for a spin!

The all-new modern navigation bar

Certificate revocation now available for Microsoft AD CS

08 April 2024

Announcing the launch of the Certificate Revocation feature, a significant enhancement for administrators using Microsoft Active Directory Certificate Services (AD CS). This new functionality allows for the direct revocation of certificates issued through AD CS, streamlining security responses and certificate management. Whether through the user interface or the API, administrators can now efficiently manage the lifecycle of their certificates with detailed reasons for revocations and immediate insights into revocation statuses. Learn more

Revoke certificates in the Inventory issued by Microsoft AD CS certificates"

Scheduling functionality for Machine Provisioning

20 March 2024

Effortlessly run your machine provisioning by enabling the scheduling functionality on your machines. Learn more

Schedule certificate provisioning"

Certificate provisioning for Google Cloud Provider

26 February 2024

You can now enable TLS Protect Cloud to provision new certificates in Google Cloud Provider (GCP) for use with Google services. Learn more

Schedule certificate provisioning"