Before you start - Futurex Documentation

Supported hardware
Supported operating systems
Required access
Network and firewall
Other

Verify your environment meets these requirements.

Supported hardware

KMES Series 3, application version 6.3.1.3 or later, with initial setup completed (including loading a Platform Master Key and network configuration).

Supported operating systems

Linux

Required access

An account on the KMES with administrator permissions to create roles, identities, TLS PKI, and update system settings.
Local administrator/root access on all hosts where you install or configure components.

Network and firewall

Allow outbound TCP port 2001 (default Host API port) from the BIND server to the KMES Series 3, specified by FQDN (for example, kmes.example.com) or CIDR (for example, 10.0.0.0/24).

TLS inspection or SSL proxies can break mutual TLS handshakes. Exempt the KMES FQDN(s) from inspection. Configure the KMES Series 3 with an FQDN so the exemption applies.

Other

OpenSSL (version 3.0.0 or newer)
BIND (version 9.20 or newer)

BIND must be compiled from source to work with Futurex HSMs. Installing via package managers may cause linking issues between bind9-utils and OpenSSL providers.

⌘I

​Supported hardware

​Supported operating systems

​Required access

​Network and firewall

​Other

Supported hardware

Supported operating systems

Required access

Network and firewall

Other