> ## Documentation Index
> Fetch the complete documentation index at: https://docs.futurex.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Quick reference

> Concise summary of prerequisites and high-level steps for the BIND integration, intended for quick lookup.

This section offers a quick reference to key prerequisites and high-level implementation steps. For basic testing procedures for the integration, see [**Validate and test**](./Post-integration_tasks/Validate_and_test).

## Pre-implementation

Ensure your environment complies with the following requirements:

* Install dependencies
  * OpenSC (from source or with package manager under `opensc`)
  * BIND (from source, v9.20 or newer)
* Check OpenSSL version (v3.0 or newer)
* Admin privileges on the HSM

## Implementation

Perform the following high-level steps to implement this integration:

<Note>
  You can complete most tasks in this section by using either Excrypt Manager or FXCLI. The exception is the second option of task 7 (Create connection certificates for mutual authentication), for which you must use FXCLI.

  You can optionally complete steps 4 through 6 by using the Guardian Series 3 (see the applicable guide for configuring HSMs for PKCS #11 integrations by using the Guardian Series 3).
</Note>

<Note>
  If you use a virtual HSM for the integration, you must connect to it over the network through FXCLI, the Excrypt Touch, or the Guardian Series 3.
</Note>

* Install Futurex PKCS #11 module (**FXPKCS11)**.
* Install Futurex Command Line Interface (**FXCLI)**.
* Configure Vectera Plus:
  * Connect to the HSM with a USB to enable Excrypt Manager or FXCLI.
  * Confirm that the Command Primary Mode is **General Purpose (GP)** and that you enable the **PKCS #11** feature.
  * Configure the HSM network.
  * Load FTK , PMK and BEK major keys.
  * Configure the transaction processing connection.
  * Create a new application partition for the integration.
  * Create a new identity and give it access to the newly created application partition.
  * Configure TLS with either server-side or mutual authentication.
* Edit the FXPKCS11 configuration file.
* Install and configure pkcs11-provider .

## Post-implementation

After you complete the integration, perform the following tasks to validate it:

* Generate keys with OpenSC.
* Convert HSM stored keys to be compatible with the BIND interface.
* Sign the zone with the BIND9-compatible keys.
