Contents x
    Venafi
    • 09 Dec 2024
    • 2 Minutes to read
    • Print
    • Dark
      Light
    • PDF
    Contents

    Venafi

    • Updated on 09 Dec 2024
    • 2 Minutes to read
    • Print
    • Dark
      Light
    • PDF
    Article summary

    Venafi secures and protects cryptographic keys and digital certificates.

    Types of Assets Fetched

    This adapter fetches the following types of assets:

    • Devices
    • Certificates

    Parameters

    1. Server Host Name or IP Address (required) - The hostname or IP address of the Venafi server.

    2. Authentication Host Name or IP Address (optional, default: empty) - The hostname or IP address of the Venafi authentication server.

      • If supplied, the hostname supplied in Authentication Host Name or IP Address will be used.
      • If not supplied, the hostname supplied in Server Host Name or IP Address will be used.

    3. User Name and Password (required) - The credentials for a user account that have access to the Authentication Host Name or IP Address. This server will be used to authenticate and receive a token, which will be used for API calls to Server Host Name or IP Address.

    4. Application ID (required) - The Application ID is generated from the application key when creating the integration. It identifies an integration, application or client that uses the web SDK.

    5. Verify SSL - Select whether to verify the SSL certificate of the server against the CA database inside of Axonius. For more details, see SSL Trust & CA Settings.

    6. HTTPS Proxy (optional) - Connect the adapter to a proxy instead of directly connecting it to the domain.

    7. Enable Client Side Certificate - Select to enable Axonius to send requests using the certificates uploaded to allow Mutual TLS configuration for this adapter.

      • Click Upload File next to Client Private Key File (.pem) to upload a client private key file in PEM format.
      • Click Upload File next to Client Certificate File (.pem) to upload a public key file in PEM format.

    To learn more about common adapter connection parameters and buttons, see Adding a New Adapter Connection.

    Venafi

    Advanced Settings

    Note:

    Advanced settings can either apply for all connections for this adapter, or you can set different advanced settings and/or different scheduling for a specific connection, refer to ​Advanced Configuration for Adapters.

    1. Async chunks in parallel (required, default: 50) - Specify the number of parallel requests all connections for this adapter will send to the Venafi server in parallel at any given point.
    2. Skip disabled certificates - Select this option to skip disabled certificates.
    3. Skip revoked certificates - Select this option to skip revoked certificates.
    4. Fetch Agents - Select this option to fetch agents.
    5. Parse Manufacturer Serial - By default Axonius enables parsing of the manufacturer serial. Clear this option to not parse the manufacturer serial.
    6. Filter Certificates by Self-signed Status - Select this option to filter self-signed certificates.
    Note:

    To learn more about Adapter Configuration tab advanced settings, see Adapter Advanced Settings.

    Required Permissions

    The value supplied in User Name must have the following permissions and scopes to fetch assets:

    • Permissions - Read permission and Private Key Read/View permission to the Certificate Object and Client Entry
    • Token scope - Certificate, Agent, Certificate Manage


    Version Matrix

    This adapter has only been tested with the versions marked as supported, but may work with other versions. Please contact Axonius Support if you have a version that is not listed and it is not functioning as expected.

    VersionSupportedNotes
    19.2Yes


    Was this article helpful?
    What's Next