Installing the TPP adaptable driver and other utilities

Perform this procedure after you have installed the product.

BMC AMI Enterprise Connector for Venafi requires an adaptable driver that communicates with the EC for Venafi gateway at the appropriate times within a Venafi Trust Protection Platform (TPP) certificate life cycle. The driver is a PowerShell script with two support DLLs. You must install these on every TPP server in the cluster.

Important

The PowerShell script is supplied by Venafi. You must contact Venafi to obtain it.

(SPE2507)

Venafi supplies a zip file that contains multiple versions of the PowerShell script. Make sure that you copy the script that corresponds to your version of EC for Venafi.

Related topics

Installing

Configuring after installation

EC for Venafi also includes the following utilities:

  • Bulk Insert utility—Use to create multiple, similar certificate objects, and their associated application objects by using text files, instead of manually creating the objects one at a time. The Bulk Insert utility is installed at the same time as the TPP adaptable driver.
  • Get authentication token (getauthtoken) utility—Your TPP Master Admin can use this utility to request an API token from TPP to authenticate users who will use the associated TPP REST API integration to create certificate objects on TPP.

You must have .NET 6.0 installed on every computer on which you intend to run the Bulk Insert utility.

Best practice
You must install the TPP driver on every server that performs certificate operations or provides the TPP web and REST interfaces. You don't need to install the driver on other servers. However, because the disk space overhead of the driver is small, and its CPU and memory overhead is zero if it isn't used, for simplicity we recommend installing the driver on every server in the cluster.

To install the driver

You receive a zip file when you download the product software from the EPD website.

  1. (SPE2507) Unpack the zip file into a temporary directory on your TPP server.
    The unpacked file includes the Utilities folder. Inside that folder is the ECVenafi SPEyymm folder, which contains some DLLs and folders.
    The ECVenafi SPEyymm folder is specific to your SPE level. For example, if you installed EC for Venafi version 2.3 SPE2407, then the folder is named ECVenafi SPE2407.

  2. Copy the Utilities folder and its contents into the TPP installation directory on every server in your cluster (by default, C:\Program Files\Venafi).

    Important

    If you installed TPP into a location other than the default, you must edit the line for the $DLLPath in the PowerShell script that you received from Venafi to specify the correct location. For example, if you installed TPP into D:\Venafi, change $DLLPath to read:

    $DLLPath = "D:\Venafi\Utilities\ECVenafi SPExxxx\ECVenafi.dll"

  3. Copy the PowerShell script into the Scripts\AdaptableApp folder on every TPP server.
  4. (SPE2507) Verify that the following files are present on each TPP server:
    • Scripts\AdaptableApp\EC for Venafi SPEyymm.ps1
    • Utilities\ECVenafi SPEyymm\ECVenafi.dll
    • Utilities\ECVenafi SPEyymm\Newtonsoft.Json.dll
    • Utilities\ECVenafi SPEyymm\BulkInsert\BulkInsert.exe
    • Utilities\ECVenafi SPEyymm\BulkInsert\BulkInsert.dll
    • Utilities\ECVenafi SPEyymm\BulkInsert\BulkInsert.runtimeconfig.json
    • Utilities\ECVenafi SPEyymm\GetAuthToken\GetAuthToken.exe
    • Utilities\ECVenafi SPEyymm\GetAuthToken\GetAuthToken.dll
    • Utilities\ECVenafi SPEyymm\GetAuthToken\GetAuthToken.runtimeconfig.json
  5. (SPE2507) If you do not intend to run the Bulk Insert and Get authentication token utilities on the TPP server, copy the BulkInsert and GetAuthToken directories and files to the network computer on which you intend to run them.

You do not need to shut down or restart TPP when installing the adaptable driver or PowerShell script.

Where to go from here

Configuring the TPP adaptable driver

Configuring the Bulk Insert utility

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*