- 09 Dec 2024
- 2 Minutes to read
- Print
- DarkLight
- PDF
Venafi
- Updated on 09 Dec 2024
- 2 Minutes to read
- Print
- DarkLight
- PDF
Venafi secures and protects cryptographic keys and digital certificates.
Types of Assets Fetched
This adapter fetches the following types of assets:
- Devices
- Certificates
Parameters
Server Host Name or IP Address (required) - The hostname or IP address of the Venafi server.
Authentication Host Name or IP Address (optional, default: empty) - The hostname or IP address of the Venafi authentication server.
- If supplied, the hostname supplied in Authentication Host Name or IP Address will be used.
- If not supplied, the hostname supplied in Server Host Name or IP Address will be used.
User Name and Password (required) - The credentials for a user account that have access to the Authentication Host Name or IP Address. This server will be used to authenticate and receive a token, which will be used for API calls to Server Host Name or IP Address.
Application ID (required) - The Application ID is generated from the application key when creating the integration. It identifies an integration, application or client that uses the web SDK.
Verify SSL - Select whether to verify the SSL certificate of the server against the CA database inside of Axonius. For more details, see SSL Trust & CA Settings.
HTTPS Proxy (optional) - Connect the adapter to a proxy instead of directly connecting it to the domain.
Enable Client Side Certificate - Select to enable Axonius to send requests using the certificates uploaded to allow Mutual TLS configuration for this adapter.
- Click Upload File next to Client Private Key File (.pem) to upload a client private key file in PEM format.
- Click Upload File next to Client Certificate File (.pem) to upload a public key file in PEM format.
To learn more about common adapter connection parameters and buttons, see Adding a New Adapter Connection.
Advanced Settings
Advanced settings can either apply for all connections for this adapter, or you can set different advanced settings and/or different scheduling for a specific connection, refer to Advanced Configuration for Adapters.
- Async chunks in parallel (required, default: 50) - Specify the number of parallel requests all connections for this adapter will send to the Venafi server in parallel at any given point.
- Skip disabled certificates - Select this option to skip disabled certificates.
- Skip revoked certificates - Select this option to skip revoked certificates.
- Fetch Agents - Select this option to fetch agents.
- Parse Manufacturer Serial - By default Axonius enables parsing of the manufacturer serial. Clear this option to not parse the manufacturer serial.
- Filter Certificates by Self-signed Status - Select this option to filter self-signed certificates.
To learn more about Adapter Configuration tab advanced settings, see Adapter Advanced Settings.
Required Permissions
The value supplied in User Name must have the following permissions and scopes to fetch assets:
- Permissions - Read permission and Private Key Read/View permission to the Certificate Object and Client Entry
- Token scope - Certificate, Agent, Certificate Manage
Version Matrix
This adapter has only been tested with the versions marked as supported, but may work with other versions. Please contact Axonius Support if you have a version that is not listed and it is not functioning as expected.
Version | Supported | Notes |
---|---|---|
19.2 | Yes |