Deploy new client endpoint on the CryptoHub - Futurex Documentation

After deploying the Generic KMIP service in CryptoHub, you must deploy a client endpoint to authorize the KMIP-supported application to use the service. Perform the following steps to deploy a client endpoint:

1

Go to the Endpoints menu for the service you deployed.

2

In the Manage Endpoints menu, select [ Add New ].

3

In the Add Endpoint dialog:

Enter a Name for the endpoint (optional).
Leave the value set to the CryptoHub Hostname that auto-populates.

4

Select [ Add Endpoint ]. The browser prompts you to download a zip file which contains the following files:

File	Description
`ca-chain.pem`	CA certificate bundle
`client-cert.pem`	Client TLS certificate
`credential.txt`	Contains the identity name and API Key CryptoHub created for the service to use when connecting and authenticating via KMIP. If you selected TlsBundle instead of ApiKey as the authentication mechanism, only the identity name is included.
`info.txt`	Includes the service name and address for connecting to the CryptoHub
`pki.p12`	Full Client PKI in encrypted PKCS #12 format (contains the CA chain, client certificate, and client private key)
`pki-password.txt`	Contains the password for the PKCS #12 file
`CryptoHub <number>.cer`	Auto-generated self-signed CA certificate used to issue client endpoint TLS certs (number is random)
`Futurex Test Root CA (ECC).cer` or `Futurex Test Root SSL CA.cer`	Futurex Test Root CA for embedded Futurex Test TLS certs (ECC or RSA, based on the algorithm configured for the KMIP connection pair)
`<number>-Prod-App-Alt.cer`	KMIP server TLS certificate (number is random)

Deploy the service

Configure KMIP client to integrate with CryptoHub

⌘I