Verify your environment meets these requirements.Documentation Index
Fetch the complete documentation index at: https://docs.futurex.com/llms.txt
Use this file to discover all available pages before exploring further.
CryptoHub requirements
- A Futurex CryptoHub appliance (version
7.0.3.xor later) with initial setup completed, including:- Platform Master Key (PMK) loaded
- Network configuration set
- Administrator access to the CryptoHub
OpenVPN Connect v3 requirements
- OpenVPN Connect v3 application is installed on the Windows or macOS client device that will be used to connect to the OpenVPN Access Server.
Supported Platforms
- macOS Catalina, Big Sur, Monterey, Ventura, Sonoma, and Sequoia
- Windows 10 and 11
Network requirements
- Network connectivity from the OpenVPN Connect host to the CryptoHub:
- Outbound TCP port 2001 (default Host API port) allowed.
- Destination allowed by FQDN (e.g.,
cryptohub.example.com) or CIDR range. - CryptoHub FQDN exempt from TLS/SSL inspection or proxy filtering.
Underlying responsibility roles
The PKCS #11 integration workflow involves three distinct roles that work together:- Access Server Admin: Responsible for managing the OpenVPN Access Server, including creating client profiles, configuring server settings, and handles extracting certificates and generating PKCS #12 files.
- CryptoHub Admin: Responsible for managing the CryptoHub appliance, including deploying the OpenVPN Connect service, issuing and managing certificates and keys stored on the HSM, and configuring PKCS #11 settings. Could be the same person who is acting as the Access Server Admin depending on organizational structure.
- OpenVPN Connect User: Responsible for installing OpenVPN Connect, importing the client profile, and configuring the VPN connection with the hardware token on their device.
Pages relevant to each role
- CryptoHub Admin:
- Access Server Admin:
- OpenVPN Connect User: