Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.futurex.com/llms.txt

Use this file to discover all available pages before exploring further.

This section offers a quick reference to key prerequisites and high-level implementation steps. For basic testing procedures for the integration, see

Pre-implementation

  • Install dependencies:
    • Curity Identity Server
    • Oracle Java JDK (17 or 21)
  • Admin privileges on KMES Series 3

Implementation

  • Install Futurex PKCS #11 module (FXPKCS11)
  • Configure KMES Series 3
    • Create a new application partition (KMES Series 3 role)
    • Create a new identity and give it access to the newly created application partition
    • Enable necessary Host API commands
    • Configure TLS with server-side authentication
  • Edit FXPKCS11 configuration file
  • Configure JAVA_HOME and PATH environment variables
  • Configure SunPKCS11 to use Futurex PKCS11 module
  • Create PKI container and certificate with key pair
    • Create PKI container
    • Generate certificate and key pair
    • Create an approval group
    • Add issuance policy to certificate
    • Verify generated certificate and private key is in Java Keystore
  • Configure Curity with KMES
    • Start Curity with HSM specific flags
    • Enable HSM in Curity Admin UI
    • Configure Curity TLS settings to use the KMES stored key
    • Assign the KMES key to a Curity runtime node

Post-implementation

  • Validate success by checking Curity logs for successful KMES connection
  • Test the connection by checking the TLS certificate of the runtime node