Service guides
15 min
cryptohub logo the services page contains a list of available and deployed third party integrations and custom tools to enhance your {{ch}} 's function this section provides detailed technical documentation to help integrate third party applications with the {{futurex}} {{ch}} what is a service? services are deployable {{ch}} tools that you can add to your unit most services add third party features to your unit, enabling you to incorporate functions like google cloud key management and more other services include {{ch}} tools built by our engineers to support complicated workflows, such as our payment key injection services that simplify ped injections these services can be managed in the services page, but they're also accessible in their relevant tool page in the left side menu see managing services docid\ hr9jogf4zsmtombpuq6sr and service logs docid\ ay77mxxr4dvlgt9trrp7y for administrative guides and documentation futurex certification process the {{futurex}} certification process is a rigorous and standardized approach to testing and certifying integrations between third party applications and the {{futurex}} {{ch}} the certification process ensures that we fully test and validate third party application integrations in a lab environment before deploying them in a production environment our integration engineering team implements this process so that you can be confident that third party applications integrate seamlessly with {{futurex}} {{ch}} devices and that all operations result in the expected behavior the certification process involves several steps, including research, testing, troubleshooting, and certification, and is fully documented in an integration guide for each integration the full process includes the following steps research the third party application to gain a general understanding of the solution and the protocol it uses to integrate with an hsm or kms device (such as pkcs #11, microsoft cng, jce, openssl engine, and kmip) determine the scope of the third party application use of the hsm or kms device, including the specific functionalities it uses (for example, data encryption, key protection, entropy, and so on) install and configure the third party application in a lab environment, where all testing and validation take place establish a connection between the third party application and the {{ch}} , which typically involves configuring tls certificates and creating roles and identities that the third party application uses to connect and authenticate to {{ch}} initiate a request from the third party application to the {{ch}} , such as generating keys or certificates, encrypting or decrypting data, or performing other cryptographic functions if any errors occur during the testing process, the integration engineering team diagnoses the issues and takes necessary corrective actions if necessary, the team also documents the errors by creating engineering change requests (ecrs) to ensure all issues are addressed and resolved before certification after any necessary engineering changes have been made, the team performs a new end to end test to ensure that all errors are resolved and all operations are successful certify the integration by creating an integration guide that covers all necessary prerequisites, lists configurations required in both the third party application and {{ch}} , and provides instructions to test functionality by following these steps, we ensure that the integration between the third party application and the {{futurex}} {{ch}} is fully tested and validated and that we resolve any errors or issues before we certify the integration as fully supported integration guide organization this section contains guides that result from a rigorous certification process in which our integration engineering team thoroughly tests and validates each integration in a lab environment before certifying it for customer deployment each integration guide is specific to a particular third party application and explains how to integrate those applications with the {{ch}} by using supported protocols such as pkcs #11, microsoft cng, jce, openssl engine, kmip, and more this guide assumes you have a solid technical understanding of the third party application, cryptographic concepts, and basic networking the following process shows the typical organization of our integration guides before you start covers supported hardware models, os versions, third party software, and other prerequisites deploy the integration in cryptohub provides a straightforward wizard based deployment for the integration service you are deploying create an endpoint for the service explains how to create new endpoints for the service, making it easy for the third party application to connect and authenticate to the cryptohub configure the third party application shows how to configure the application to connect to the {{futurex}} device and use its cryptographic functionalities test the integration provides test cases and expected results to validate that the integration works end to end for key use cases properly troubleshoot common issues offers tips for diagnosing and resolving common errors or issues seen with the integration integration guides by application a adobe acrobat sign docid\ st4xwiviz9wf8zckcf1y1 amazon xks (external key store) docid\ m2rrdd50nr0u7bx7d6vma android apksigner docid 8n4ix1j8myngjnq5wzpgp ansible docid\ vviqz wpgqcakvezh2vos ansible vault docid\ ockzldzfbdrciffyes61s apache http server docid\ rgdr0vakbhlkhpblhnz2e apache tomcat docid\ h2kzrugvwphwutfujulrr axway va docid\ rutkz778oygnxjvqmngez b beyondtrust password safe docid 4bxiicdba5xky94jfzozv bind docid\ md47rf433v2lv2szuw0sc bitwarden docid\ wgmfuuxjpdcfqh3m6cxwz c check point security gateway docid\ ureg6yibgumqmgwh4c2xf cyberark pam docid\ ukzjglhx1yyx rptzdbcd d dogtag certificate system docid 5ew44pazfbbn hlbj7kmm e ejbca docid\ oyokcng8qg3ivibhxmqop f futurex transparent data protection (tdp) docid\ qfhccnz7c aoymudfibh0 g generic futurex cng docid\ anczm5rijebklgib0kmns generic futurex pkcs #11 docid\ wy 22yfmijsr6 anafaba generic futurex pkcs #11 with java docid\ g0wjfxdysyhdg9c0mri3h generic kmip docid 2xvs rpfwedcvkryuxegf google cloud ekm (external key manager) docid\ i3vwfk9eddgwvtr7ejtwu google workspace cse docid\ jd0zfbiu1m9wjojxm rvx google workspace cse for gmail docid\ eoky6ux 6gagourkczgoq h hashicorp vault docid\ a0e3veczeknffmqhihd8j hashicorp vault managed keys docid\ dyrc7aurvnnrbgcl0lilf i ibm db2 docid 3okkklkmcba z3dq0gz5i isc certagent docid\ jlwqwvzgafubgtc0f3d1z j java jarsigner docid\ o fnoocv1y34hrwxdgzay jenkins code signing docid\ aegzghvki2aedlx oabce k key lifecycle management docid\ jx90x66g6193z44pe nhv m mariadb docid\ y9jqtfhhx yrrddpwp5aq microsoft adcs docid\ cs661xtw9umwc0p grrgy microsoft ad rms docid\ xa77numl0tnaxbly7z48d microsoft signtool docid goiry7wgdsnis1pbdvpp microsoft sql server docid\ khg1k ver8vzgg8x4yryb mongodb docid\ f9gab1m0 ywvc6odbd 0q mysql enterprise tde docid\ f9daovqj6awoybzrwu ta n netapp ontap docid\ rcbndskvx65ijq hqfdi nginx docid\ reqmcqd03lefaaho ragw o openssl engine docid\ skhd2ldzp7afll iip7tz openvpn docid\ nroiy4agwtddvbzlkbezz oracle database tde docid\ uq 0zjmjrqrkzroaellor p postgresql docid 6xfo3gshcdpbb8qdrwiuf protegrity data protection platform docid\ p8y9n4tj1mkcextcetvop pure storage flasharray docid\ ytmqxq0n3drt9vbc2 hbp r red hat certificate system (rhcs) docid\ cgaqgx4vn30ldpcyh9wyf s ssh key offloading docid\ rzttobmyzmct4qoaqeekh t truenas enterprise docid\ pkxw7tmoqvh2v2z4 guud v venafi adaptable ca docid 5imaiwtcxvbuiyrfo7 qi venafi control plane docid\ oansnttwch 23ecmxq c versasec vsec\ cms docid\ ruu9cipjus93qvjwaa1wt vmware vsphere docid lkr hwebyic9 rdhdsl w windows certificate store docid\ ozaa062o8ddkkyazcdmep z zettaset xcrypt full disk docid\ avqg4xz3q8h vw0kj1omq zoho docid\ crnap67izpmpbl05as3zn