Upgrading
Upgrading the TPP adaptable driver
If you are upgrading the driver to a newer version, we recommend that you stop Venafi Trust Protection Platform (TPP) before unpacking the driver's files and restart it after they are copied in the folder. For more information about the files, see Installing-the-TPP-adaptable-driver-and-Bulk-Insert-utility.
When configured to use an adaptable driver, TPP takes a hash of the selected driver’s PowerShell script (in this case, Scripts\AdaptableApp\EC for Venafi.ps1) and stores the hash in its database. Each time TPP prepares to use the driver, it checks that the file on disk matches the stored hash. If they do not match, TPP aborts processing.
To update the TPP adaptable driver hash stored in the database, resave the Policy object where the driver is selected. You do not need to change any of the settings, but you must resave the object to update the hash.
Backward compatibility
We recommend that you maintain all BMC AMI Enterprise Connector for Venafi components at the same version level. Because this is not always feasible, EC for Venafi supports backward compatibility with one version. For example, a TPP adaptable driver at version 2.3 SPE2404 communicates with a gateway or agent at version 2.3 SPE2401, but it does not communicate with a gateway or agent at version 2.3 SPE2310.
With every call, the TPP adaptable driver verifies whether the gateway and agent versions are in the supported range:
- If they are the same version as the driver, normal processing continues.
- If they are not the same version but are in the supported range, processing continues and a warning is recorded in the application object's debug log (if enabled).
For more information about the debug log, see Task 7: Debug logging in "Configuring the TPP adaptable driver." - If they are out of the supported range (two or more versions too old or new), the driver stops processing and returns an error to TPP.