Perform the following steps to install and set up CertAgent. Internet Explorer and Firefox support its web-based interface.Documentation Index
Fetch the complete documentation index at: https://docs.futurex.com/llms.txt
Use this file to discover all available pages before exploring further.
When prompted, choose the listening port to be created for the HyperSQL database. If port
9001 is already in use, you can use 9002 or 9003.After installing, configure the following details:
| Information | Description |
|---|---|
| PKCS11 Library Path | Select [ Browse ] and select the location of FXPKCS11.dll on the hard drive. (The default PKCS11 install location is C:/Program Files/Futurex.) |
| HSM Partition | Prompt to select one of the partitions found in the HSM. |
| HSM PIN | This is the password for the identity created previously. |
| Common Name (CN) | Common Name for the CA Root certificate that the CertAgent creates. |
| Organization Name | Organization Name for the CA Root certificate that CertAgent creates. |
| PKCS #12 Password | Password to be used for PKCS #12 files the CertAgent and the Vectera Plus generate. |
Be sure to note the PKCS #12 password, admin TLS port (<admin port>), and public TLS port (<public port>) you enter during installation. You need this information to import the certificates for the web browsers to access the CertAgent sites (Administrator site, Public site, CA site)
Next, set the SA password along with a user account and password for the CertAgent database. Be sure to note these for future use.
The installer creates the credentials and finalizes the installation process.
During the installation process, you can check the following logs:
C:\Temp\fxpkcs11.log- for status related to all actions through the PKCS11 library.C:\Program Files\CertAgent7\install.log- for CertAgent installation status.C:\Program Files\CertAgent7\install-hsql.log- for HyperSQL installation status.
At the end of the installation, CertAgent creates a
Readme.txt file. We recommend you read and follow the instructions for POST-installation steps.Installation verification
Perform the following steps to ensure CertAgent communicates correctly with the Vectera Plus:The following procedure requires you to add the certificates installed by CertAgent to the trusted list of your web browser.
After the installation completes, you can log in to the HSM through Excrypt Manager to verify the keys are generated and stored on the HSM.
You can use FXCLI to validate this installation. After you connect by using the
connect usb command, you must run the following commands to verify the keys exist in the Vectera Plus:FXCLI
FXCLI
FXCLI
If all six keys are present, the installation was successful.
Open a command terminal and go to the installation location of CertAgent. Then run the
certagent setpin command.To set a pin in the terminal, go to the System PIN Entry page shown in the
Readme.txt and follow the instructions provided in the file.After you set the System PIN Entry, review the
Readme.txt file to find the links for the System Administrative site, the CA Account site, and the Public site.| Site | Description |
|---|---|
| System Administrative Site |
|
| CA Account Site |
|
| Public Site |
|
Using the Public site, send a certificate signing request by using the Enroll function. Using Internet Explorer, you can generate a key for a certificate to be signed by the HSM. Firefox cannot generate a key for you.