Venafi
  • 09 Dec 2024
  • 2 Minutes to read
  • Dark
    Light
  • PDF

Venafi

  • Dark
    Light
  • PDF

Article summary

Venafi secures and protects cryptographic keys and digital certificates.

Types of Assets Fetched

This adapter fetches the following types of assets:

  • Devices
  • Certificates

Parameters

  1. Server Host Name or IP Address (required) - The hostname or IP address of the Venafi server.

  2. Authentication Host Name or IP Address (optional, default: empty) - The hostname or IP address of the Venafi authentication server.

    • If supplied, the hostname supplied in Authentication Host Name or IP Address will be used.
    • If not supplied, the hostname supplied in Server Host Name or IP Address will be used.
  3. User Name and Password (required) - The credentials for a user account that have access to the Authentication Host Name or IP Address. This server will be used to authenticate and receive a token, which will be used for API calls to Server Host Name or IP Address.

  4. Application ID (required) - The Application ID is generated from the application key when creating the integration. It identifies an integration, application or client that uses the web SDK.

  5. Verify SSL - Select whether to verify the SSL certificate of the server against the CA database inside of Axonius. For more details, see SSL Trust & CA Settings.

  6. HTTPS Proxy (optional) - Connect the adapter to a proxy instead of directly connecting it to the domain.

  7. Enable Client Side Certificate - Select to enable Axonius to send requests using the certificates uploaded to allow Mutual TLS configuration for this adapter.

    • Click Upload File next to Client Private Key File (.pem) to upload a client private key file in PEM format.
    • Click Upload File next to Client Certificate File (.pem) to upload a public key file in PEM format.

To learn more about common adapter connection parameters and buttons, see Adding a New Adapter Connection.

Venafi

Advanced Settings

Note:

Advanced settings can either apply for all connections for this adapter, or you can set different advanced settings and/or different scheduling for a specific connection, refer to ​Advanced Configuration for Adapters.

  1. Async chunks in parallel (required, default: 50) - Specify the number of parallel requests all connections for this adapter will send to the Venafi server in parallel at any given point.
  2. Skip disabled certificates - Select this option to skip disabled certificates.
  3. Skip revoked certificates - Select this option to skip revoked certificates.
  4. Fetch Agents - Select this option to fetch agents.
  5. Parse Manufacturer Serial - By default Axonius enables parsing of the manufacturer serial. Clear this option to not parse the manufacturer serial.
  6. Filter Certificates by Self-signed Status - Select this option to filter self-signed certificates.
Note:

To learn more about Adapter Configuration tab advanced settings, see Adapter Advanced Settings.

Required Permissions

The value supplied in User Name must have the following permissions and scopes to fetch assets:

  • Permissions - Read permission and Private Key Read/View permission to the Certificate Object and Client Entry
  • Token scope - Certificate, Agent, Certificate Manage


Version Matrix

This adapter has only been tested with the versions marked as supported, but may work with other versions. Please contact Axonius Support if you have a version that is not listed and it is not functioning as expected.

VersionSupportedNotes
19.2Yes



Was this article helpful?

What's Next