Install and configure Futurex PKCS #11
After deploying the service in , you need to deploy a client endpoint. Endpoints are devices authorized to access this service. In the Endpoints menu, you can view and filter details about existing endpoints and add new endpoints.
Perform the following tasks to deploy a client endpoint and install the client library files.
Go to the Endpoints menu inside the service you deployed.
In the Manage Endpoints menu, select [ Add New ].
In the Add Endpoint dialog:
- Enter a Name for the endpoint.
- Leave set the Hostname that is auto-populated.
- Select the Platform on which to deploy the service.
Select [ Add Endpoint ]. When prompted, download the zip file containing the Futurex PKCS #11 module and a configuration file pre-configured to connect to your instance.
Install FXPKCS11 on the machine where you installed the service with which you are integrating.
Extract the Endpoint zip file downloaded in your browser after deploying the service in CryptoHub. The zip file contains the following files:
PKCS11Manager.exe
Program to test the connection to the and perform basic functions through the FXPKCS11 module, such as logging in and generating random data.
ca-chain.pem
CA certificate bundle
client-cert.pem
Client TLS certificate
client.p12
Full Client PKI in encrypted PKCS #12 format (contains the CA chain, client certificate, and client private key)
configTest.exe
Program to test configuration and connection to the
fxpkcs11.cfg
Configuration file for the Futurex PKCS #11 library
fxpkcs11.dll
The PKCS #11 library file.
Move all of the above FXPKCS11 files to C:\Program Files\Futurex\fxpkcs11. Create the Futurex\fxpkcs11 directories as an administrator.
The PKCS #11 module expects to find the FXPKCS11 configuration file (fxpkcs11.cfg) in the C:\Program Files\Futurex\fxpkcs11 directory by default. Alternatively, you can set the FXPKCS11_CFG environment variable to point to the location of the FXPKCS11 configuration file to store it in a different location.
Extract the zip file downloaded from . The zip file contains the following files:
PKCS11Manager
Program to test the connection to the and perform basic functions through the FXPKCS11 module, such as logging in and generating random data.
ca-chain.pem
CA certificate bundle
client-cert.pem
Client TLS certificate
client.p12
Full Client PKI in encrypted PKCS #12 format (contains the CA chain, client certificate, and client private key)
configTest
Program to test configuration and connection to the CryptoHub
fxpkcs11.cfg
Configuration file for the Futurex PKCS #11 library
libfxpkcs11.so
The Futurex PKCS #11 library file.
Move all the preceding files to one of the following locations:
- To make the FXPKCS11 library accessible system-wide, use sudo to move them to the /usr/local/bin/fxpkcs11 directory.
- To make the FXPKCS11 library accessible only to the current user, move them to the $HOME/bin/fxpkcs11 directory.
Important: The PKCS #11 module expects the configuration file (fxpkcs11.cfg) to be in the /etc directory by default. Use the following command to move fxpkcs11.cfg to /etc:
Alternatively, to store the configuration file in a different location, set the FXPKCS11_CFG environment variable to the path of your configuration file: