Red Hat Certificate System (RHCS) - Futurex Documentation

This document provides information regarding configuring the Futurex Vectera Plus HSM with Red Hat Certificate System (RHCS) by using our PKCS #11 libraries. For additional questions related to your HSM, see the relevant user guide.

About Red Hat Certificate System

From the Red Hat knowledge base website: Red Hat Certificate System provides a powerful security framework to manage user identities and ensure communication privacy. Handling the major functions of the identity life cycle, Red Hat Certificate System simplifies enterprise-wide deployment and adoption of a public key infrastructure (PKI).

Basic architecture of an RHCS deployment

Although each RHCS subsystem (CA, KRA, OCSP, TKS, and TPS) provides a different service, all share a common architecture. For more information, refer to the following Red Hat knowledge base article: https://access.redhat.com/documentation/en-us/red_hat_certificate_system/9/html/planning_installation_ and_deployment_guide/sect-certificate-system-architecture-overview

Guardian integration

The Guardian Series 3 introduces mission-critical viability to core cryptographic infrastructure, including:

Centralization of device management
Elimination of points of failure
Distribution of transaction loads
Group-specific function blocking
User-defined grouping systems

See the applicable guide in the Futurex Portal for configuring HSMs with the Guardian Series 3, including PKCS #11 and CNG configuration.

​About Red Hat Certificate System

​Basic architecture of an RHCS deployment

​Guardian integration

About Red Hat Certificate System

Basic architecture of an RHCS deployment

Guardian integration