Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.futurex.com/llms.txt

Use this file to discover all available pages before exploring further.

After you deploy the Bitwarden service in CryptoHub, set up a client endpoint. An endpoint is a device authorized to access the service. Use the Endpoints menu to view and manage these devices. You can also add new endpoints by selecting [ Add New ]. When prompted, enter the device address and specify the endpoint. The following sections provide detailed instructions for deploying a client endpoint and installing the client library files.

Deploy the client endpoint

Perform the following steps to deploy the client endpoint:
1
Go to the Endpoints menu inside the service you deployed.
2
In the Manage Endpoints menu, select [ Add New ].
3
In the Add Endpoint dialog:
  1. Enter a Name for the endpoint (optional).
  2. Leave the CryptoHub Hostname set to the auto-populated value.
  3. In the Platform drop-down list, you must select Linux OpenSSL 3.x 64-bit to match the OpenSSL version installed in the Bitwarden Key Connector container.
4
Select [ Add Endpoint ]. The browser prompts you to download a zip file containing the Futurex PKCS #11 module and a configuration file pre-configured to connect to your CryptoHub instance. To install the files on the machine where you installed Bitwarden, perform theConfigure Bitwarden instructions in the next section.

Generate RSA key pair

Perform the following tasks to generate an RSA key pair for Bitwarden Key Connector:
  1. Create X.509 Certificate Container and root CA.
  2. Generate Bitwarden key pair.
  3. Export Bitwarden certificate.
  4. Assign a name to the private key.
  5. Grant Use permission on the private key.
You must generate the Bitwarden key pair under a root CA certificate to give it the encrypt and decrypt security usage it requires.

Create a certificate container and CA

Perform the following steps to create an X.509 certificate container and root CA:
1
Go toAdministrative Services > PKI Management > Certificate Management.
2
Select [ Add CA ].
3
In the X.509 Certificate Container creation dialog, configure the following settings:
  • Name: Bitwarden
  • Host: Select None
  • Type: Select X.509
  • Owner group: Select the Bitwarden role CryptoHub created for the service.
4
Right-click the Bitwarden X.509 certificate container and select Add Certificate > New Certificate.
5
Configure the following Subject DN settings:
  • Preset: Classic
  • Common Name: Root
6
Configure the following Basic Info settings:
  • Leave the fields set to the default values.
7
Configure the following V3 Extensions settings:
  • Profile: Select Certificate Authority
8
Select [ OK ].

Generate a key pair

Perform the following steps to generate the Bitwarden key pair:
1
Right-click the Root CA certificate and select Add Certificate > New Certificate.
2
Configure the following Subject DN settings:
  • Preset: Classic
  • Common Name: Bitwarden
3
Configure the following Basic Info settings:
  • Security Usage: Encrypt/Decrypt
  • Leave all other fields set to the default values.
4
Configure the following V3 Extensions settings:
  • Profile: TLS Client Certificate
5
Select [ OK ].

Export certificate

Perform the following steps to export the Bitwarden certificate:
1
Right-click the Bitwarden certificate and select Export > Certificate(s).
2
Change Encoding to PEM and select [ Browse ].
3
Specify a filename for web transfer (such as Bitwarden-Cert.pem) and select [ OK ].
4
Select [ OK ] to initiate the export.
5
When prompted, save the certificate file.

Assign a name

Perform the following steps to assign a name to the private key:
1
Go to Administrative Services > Key Management > Key Database.
2
Select [ Reload ].
3
Right-click the Bitwarden key pair in the Keys section and select Edit.
4
Under Key Settings, enter Bitwarden in the Name field and select [ OK ] to save.

Grant Use permission

Perform the following steps to grant the Use permission on the private key:
1
Go to Administrative Services > Key Management > Key Database.
2
Right-click the Bitwarden key pair and select Permission.
3
Select the Bitwarden role in the drop-down menu and select [ Add ].
4
Select the Permission drop-down option next to the Bitwarden role and select Use.
5
Select [ Save ].