IMPORTANT: This site is planned to be decommissioned in 2026. Visit the Tanium Resource Center for all Tanium release notes, user guides, and support information. To view release notes in the Resource Center, see Tanium Release Notes.
IMPORTANT: If you are using semi-annual releases for on premises, see the Release notes for 2024H1 semiannual release, Release notes for 2024H2 semiannual release, or Release notes for 2025H1 semiannual release on the Tanium Resource Center.
Effective October 15, 2024: On prem release notes on the Tanium Knowledge Base are frozen. For release notes related to 7.4 or 7.5 Server and Solutions, see the Monthly updates for Tanium Version 7.4 and 7.5 Server and Solutions on the Tanium Resource Center.
Release Notes Certificate Manager (Version 1.10)
Tanium Certificate Manager 1.10.64
Release Date: June 6, 2023
Improvements
- Significant efficiency improvements when scanning cipher suites.
- Provides the ability for certificate audits to run without port scanning.
- Updates dashboards and reports for better visibility of data.
- Adds new Certificate Manager RBAC roles.
- Updates PowerShell script invocation with AllSigned flag for validation of tooling.
- Adds the ability to remove all port exclusions from endpoints through the Certificate Audit Delete Port Exclusions package.
- Adds Certificate Audit Age sensor to TDS capture for more flexibility of data in reports and dashboards.
- Certificate Details sensor now includes the SHA256 hash in the output.
- Coverage Status Details Status Initializing State now reports if an endpoint has not run its first certificate audit.
- Certificate Manager now provides logging levels matching other Tanium modules.
- Improvements added for certificate audit logging for clarity and efficiency.
- Logs are now centralized in the Tanium Client Logs folder for Certificate Manager.
Bug Fixes
- Fixes an issue where Windows endpoints may not complete the listen port audit when IPv6 Is enabled.
- Fixes an issue where certain sensors may return [no results]. These sensors will now return a default response.
- Fixes an issue on Windows endpoints with the a locale applied that return a UTF-8 error while running an audit.
- Fixes an issue where Certificate Manager may fail to audit all listening ports when a service has an invalid SSL Content Type.
- Fixes the parameter validation for the Certificate Audit Add Port Exclusions and Certificate Audit Delete Port Exclusions packages.
- Fixes the Certificate Audit Port Exclusions senor column data type. This allows for better sorting of the results.
- Fixes an issue where Windows endpoints would stop showing sensor results if the validity time was over 32,000 days.
- Fixes an issue where Coverage Status would not raise an out of date version of Windows PowerShell.
- Fixes a visual issue where there might be a case mismatch on the SHA256 certificate thumbprint for listen ports when compared to at-rest certificates.
- Fixes an issue where sensors might return an unexpected trusted root path.
- Fixes an issue where endpoints with ports listening on OpenSSL 3.0 only might not have their certificates captured by the audit.
- Fixes an issue where the audit might not identify SSL2 only servers.
- Fixes an issue where IPv6 addresses are parsed incorrectly on Linux.
Requirements
- Tanium™ Core Platform 7.5.5.1140 or later
- Tanium™ Client Management 1.12.77 or later
- Tanium™ Reporting 1.13.76 or later
Tools Versions
- Includes core-python: 3.1.43