Create a new identity and associate it with the new application partition

For this step, you must log in with an identity that has a role with the Identity:Add permission. You can use the default Administrator role and Admin identities.

Choose one of the following methods to create the identity and associate it with the application partition:

Excrypt Manager

Perform the following steps to use Excrypt Manager to create an identity and associate it with the partition:

Go to the Identity Management menu and select Add.

Specify a name for the new identity.

Then, in the Roles drop-down menu, select the name of the previously created application partition to associate the new identity with the application partition you created.

If the HSM is in FIPS mode, you must repeat the preceding steps to create a second identity. The passwords for the two identities must be identical because of how the Futurex PKCS #11 library logs into the HSM.

Create a password and enter it in both the Password and Confirm Password fields.

FXCLI

Run the identity add FXCLI command to create a new identity and associate it with the application partition or role that you created:

FXCLI

  identity add --name Identity_Name --role Role_Name --password safest

If the HSM is in FIPS mode, you must repeat the preceding command to create a second identity.

After you create an indentity, you must set the name of the identity (or identities if the HSM is in FIPS mode) in the fxpkcs11.cfg file, in the <HSM> section, as shown in the following example:

None

# HSM crypto operator user name
<CRYPTO-OPR>    [insert name of identity that you created]             </CRYPTO-OPR>
#<CRYPTO-OPR2>   [insert name of second identity if HSM is in FIPS mode]   </CRYPTO-OPR2>

⌘I

​Excrypt Manager

​FXCLI

Excrypt Manager

FXCLI