Create client endpoints - Futurex Documentation

After deploying the BeyondTrust Password Safe service in CryptoHub, you must create two client endpoints. Endpoints are devices authorized to access this service. Most integrations only require you to create one client endpoint, but the BeyondTrust integration requires both 32-bit and 64-bit PKCS#11 drivers, which is why two endpoints must be created for the service. One of them is for the x64 version of the FxPKCS11 module and the other is for the x86 build. Please refer to this BeyondTrust documentation for more details about this requirement. In theEndpoints menu, you can view and filter details about existing endpoints and add new endpoints, per the instructions below:

Go to the Endpoints menu for the BeyondTrust service you deployed.

In the Manage Endpoints menu, select [ Add New ].

In the Add Endpoint dialog:

Enter identifier or leave empty for auto-generation.
Leave the auto-populated CryptoHub Hostname as is.
Select Windows 64-bit as the Platform for the Endpoint.

Select [ Add Endpoint ]. The browser prompts you to download a zip file containing the Futurex PKCS #11 module, TLS certificates, and a configuration file pre-configured to connect to your CryptoHub instance.

Repeat steps 1-4, but this time in the Add Endpoint dialog, select Windows 32-bit as the Platform for the Endpoint.

If you want to change the PIN/password for an endpoint, go to the Identity and Access menu and go to the Applications & Partitions tab. Find the application you deployed, and in the Manage section, select [ Authentication ]. This opens a dialog where you can change the PIN or password for the endpoint.

The endpoint zip file you downloaded in the browser must be copied to the machine running the BeyondTrust U-Series Appliance.

⌘I

Documentation Index