About securing a CyberArk application

Examples of settings that help ensure that only Trust Protection Platform can use the CyberArk application

  • OS User for Trust Protection Platform:
    • NT AUTHORITY\SYSTEM (or a domain user account if TPP is using MSSQL with Windows Authentication)
  • Path examples for Trust Protection Platform:
    • C:/Program Files/Venafi/Drivers/Credentials/CRCyberArkCredentials.dll
    • C:/Windows/Microsoft.NET/Framework64/v4.0.30319/mscorlib.dll (For version 12, use the .NET Framework path that Trust Protection Platform actually uses, because the assembly that communicates with version 12 is loaded dynamically.)
  • Hash:
    • 0AA1E6B81A2097816B2A412B9FF4705FEB682DF1 (Generated by the NETAIMGetAppInfo utility)

IMPORTANT  If you want to apply security using the Hash, you need to run the following on each of your Trust Protection Platform servers:

"C:\Program Files (x86)\CyberArk\ApplicationPasswordProvider\Utils\NETAIMGetAppInfo.exe" GetHash /AppExecutablesPattern "C:\Program Files\Venafi\Drivers\Credentials\CRCyberArkCredentials.dll"

  • Host:
    • Host IP address or Hostname or FQDN

See the Application Authentication Methods section of CyberArk's Credential Provider and ASCP Implementation Guide for details on how to apply these values.
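
The following PowerShell script is an added example, not code from Venafi or CyberArk. Run on a Trust Protection Platform server, it executes the GetHash command above and reports whether the resulting hash is among the values already registered for the CyberArk application. The file registered-hashes.txt is a hypothetical list you maintain yourself, and the parsing assumes the utility prints the hash as a 40-character hex string like the example value on this page.

```powershell
# Added example: compute the application hash on this Trust Protection Platform
# server and check it against the hashes registered for the CyberArk application.
$ErrorActionPreference = 'Stop'

# Paths taken from this page.
$GetAppInfo = 'C:\Program Files (x86)\CyberArk\ApplicationPasswordProvider\Utils\NETAIMGetAppInfo.exe'
$DriverDll  = 'C:\Program Files\Venafi\Drivers\Credentials\CRCyberArkCredentials.dll'

# Hypothetical input file: the hash values copied from the application's
# Hash authentication setting in CyberArk, one per line.
$RegisteredHashFile = '.\registered-hashes.txt'

function Get-HashFromToolOutput {
    param([string[]]$Lines)
    # Assumption: the hash appears in the output as a standalone 40-character
    # hex string, the same shape as the example value on this page.
    foreach ($line in $Lines) {
        if ($line -match '(?<![0-9A-Fa-f])([0-9A-Fa-f]{40})(?![0-9A-Fa-f])') {
            return $Matches[1].ToUpperInvariant()
        }
    }
    throw "No 40-character hex hash found in output:`n$($Lines -join "`n")"
}

# Fail early if the utility or the driver is not where this page says it is.
foreach ($path in $GetAppInfo, $DriverDll) {
    if (-not (Test-Path -LiteralPath $path)) { throw "Not found: $path" }
}

# Same invocation as the command on this page; PowerShell quotes the
# arguments that contain spaces when it starts the executable.
$output = & $GetAppInfo GetHash /AppExecutablesPattern $DriverDll

$localHash  = Get-HashFromToolOutput -Lines $output
$registered = @(Get-Content -LiteralPath $RegisteredHashFile |
    ForEach-Object { $_.Trim().ToUpperInvariant() } |
    Where-Object { $_ })

# One result object per server, so results from several servers can be
# collected into a single table.
[pscustomobject]@{
    Server     = $env:COMPUTERNAME
    Hash       = $localHash
    Registered = $registered -contains $localHash
}
```

A server that reports Registered as False has a hash that is not in your list, so the value generated on that server still needs to be added to the application's Hash setting.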