Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Identity and Authentication Services

Symantec Managed PKI v8.5 Release Communication

Created: 26 Jun 2012 • Updated: 08 Aug 2012 • 2 comments
Mona Salvi's picture
+4 4 Votes
Login to vote


Since our last communication announcing the availability of Symantec Managed PKI 8.4, Symantec has been adding new features to its Managed PKI platform. With version 8.5, the product now offers a rich collection of features that truly enhance the PKI experience for administrators and end users.

Feature Highlight Summary

This release focuses on improving the PKI experience for our enterprise lifecycle solutions by providing a smooth and holistic experience to the customers, thereby reducing the level of support burden for the enterprise administrators. Below are the highlights of the release:

  • LDAP Support for Enterprise Gateway
  • CSR Enrollment method for Domain Controller Certificates
  • Enhanced Support for iOS certificates
  • Enrollment code delivery through email
  • Custom post processing scripts upload and distribution (**Requires PKI Client update. See details below.)
  • Web Service Enhancements
  • Transaction Signing


NEW features available in Symantec Managed PKI v8.5

  • LDAP Support for Enterprise Gateway: This release of PKI Enterprise Gateway provides support for Lightweight Directory Access Protocol (LDAP) user stores to authenticate users in addition to the previously supported Microsoft Active Directory (AD). Once the user has been authenticated and authorized, the PKI Enterprise Gateway obtains the enrollment or certificate data from the enterprise AD or newly supported LDAP user stores and securely enrolls or renews the certificate on behalf of the user.



  • CSR Enrollment method:  MPKI v8.5 now allows enrolling for Domain Controller Certificates using Certificate Signing Requests (CSR). Now an enterprise can secure its domain controller to authenticate the users logging into the domain and gain access to corporate resources.



  •  Enhanced Support for iOS Certificates: Symantec Managed PKI is a truly unique solution in the market that provides a comprehensive multi-device solution for S/MIME signing and encryption by ensuring that the same private key is available on all of the user’s devices (laptops, tablets and smart phones) while delivering public trust through the Symantec Trust Network. This release offers a smooth and a streamlined certificate renewal process for an end user on iOS devices.




  • Enrollment code delivery through email: This release of Managed PKI allows you to configure a certificate profile to send the enrollment code to an end user as part of the enrollment link in the enrollment email. The end user will only need to paste the enrollment link into his or her browser to access and be authenticated to the enrollment request page. This feature greatly reduces the end user’s dependency on the administrator to receive the enrollment code which is an integral part to completing the certificate enrollment process.



  • Support for Custom post processing scripts: PKI Certificate Manager can run pre-defined scripts for certificates enrolled, imported or renewed in PKI Certificate Manager, to automate the process of integrating the certificate with third party applications, such as email clients, WiFi and VPN clients. Enterprise Administrators can now upload and manage custom configuration scripts that perform these post-processing operations for end user certificates in PKI Certificate Manager. They can write their own scripts or download and customize a script template as needed. Once assigned to a certificate profile template, the script can also be removed or reassigned to other individual certificate profiles.



**NOTE: PKI Certificate Manager has been updated to support the custom post processing feature in addition to many other features. To obtain the benefits of these updates, your end users must upgrade to PKI Certificate Manager v2.5. For most users, this will happen automatically unless you have disabled Live Update.

  • Web Service enhancements: The Web Services API can be used to develop or integrate certificate lifecycle functionality into any custom application. Using Web Services, you can create your own end-user certificate lifecycle experience rather than utilizing the PKI Certificate Services provided by Symantec Managed PKI. The MPKI v8.5 Web Service has been improved to include the following:
                                -  Ability to search for certificates by multiple criteria, including the certificate’s Common Name, email address and more.
                                -  Ability to revoke certificates by SeatID or certificate serial number


  • Transaction Signing API: This release of Managed PKI includes a new Transaction Signing API that you can integrate with your web applications to provide your end users the ability to securely authenticate and sign transactions.

Platform and OS Requirements

The following are the up to date platform and OS requirements for the various components of MPKI 8.5. 


Platform and OS Requirements

PKI Manager

OS: Windows XP SP3, Windows 7

Browsers: IE 8, IE 9, FireFox 10,12

PKI Certificate Service

OS: Windows XP SP3, Windows 7

Browsers: IE 8, IE 9, FF 10,12

PKI Client

OS: Windows XP SP3, Windows 7

PKI Enterprise Gateway

OS: Windows 2008 R2, Windows 2008, SP1

Web Server: IIS 7.5, .NET Framework 4.0



Upgrading and Support

At this time, there is no upgrade available from MPKI 7.x versions to MPKI 8.5. We strongly recommend trying out our MPKI Test Drive where you can explore the full features of our solution. The trial period is valid for 90 days and can be downloaded from here:

When you are ready to create a Production account, we will go through our normal verification and authentication process to enroll you for a brand new MPKI v8.5 account. With this account, you will get all the standard CAs and standard certificate templates and downloadable versions for the PKI Client and PKI Enterprise Gateway. It is strongly recommended to engage Symantec Professional Services for installing and configuring the PKI Enterprise Gateway.
Please contact your Account Executive or Client Services Manager for additional information.


Key Date Summary

All feature functionality listed above has been incrementally added, with the latest release being generally available on June 21st 2012.


Technical Support

We value your business and are committed to customer care.  Please contact us if we can assist or answer any questions. Symantec Support can be reached at:

via email at or call +1-650-426-3535 or 1-800-579-2848. 




Symantec Product Management

Comments 2 CommentsJump to latest comment

AlessandraT's picture

Very Informational and useful content!!

Login to vote
JonJon's picture

thanks very much. I do use norton, But Dont have it instaled just yet

                                         JonJon Ament

Login to vote