This section offers a quick reference to key prerequisites and high-level implementation steps. For basic testing procedures for the integration, seeDocumentation Index
Fetch the complete documentation index at: https://docs.futurex.com/llms.txt
Use this file to discover all available pages before exploring further.
Pre-implementation
Ensure your environment complies with the following requirements:- Install dependencies
- OpenSC (from source or with package manager under
opensc) - OpenVPN Access Server
- Python 3.6 and newer
- Python library
asn1crypto
- Python library
- OpenSC (from source or with package manager under
- Check OpenSSL version (v3.0 or newer)
- Admin privileges on the KMES Series 3
Implementation
- Install Futurex PKCS #11 module (FXPKCS11)
- Configure KMES Series 3:
- Create a new application partition (KMES Series 3 role)
- Create a new identity and give it access to the newly created application partition
- Enable necessary Host API commands
- Configure TLS with server-side authentication
- Edit the FXPKCS11 configuration file
- Install and configure pkcs11-provider
- Prepare Cryptographic material for Access Server
- Set Access Server in external PKI mode
- (Optional) Create server CA
- Generate server certificate and key
- Generate client certificate and key
- Configure Access Server and setup a test client
- Generate
tls_authkey - Generate Diffie-Hellman parameters
- Import certificate and key files to Access Server
- Configure test client on Access Server admin UI
- Generate and download a server-locked profile for the client
- Install the profile and P12 file to OpenVPN Connect v3 application
- Generate
Post-implementation
After you complete the integration, perform the following tasks to validate it:- Using OpenVPN Connect application, validate the connection by connecting to the VPN using the certificate and P12 file.