This document shows how to configure the with Versasec vSEC:CMS by using PKCS #11 libraries. For additional questions about your device, see the relevant user guide.

From the Versasec documentation website: vSEC:CMS is an innovative, easily integrated, and cost-effective Credential Management System (CMS) designed to assist you in deploying and managing credentials within your organization.

vSEC:CMS is fully functional with Minidriver-enabled credentials, such as smart cards, USB tokens, and virtual smart cards, including Windows Hello for Business (WHfB). It streamlines all aspects of credential management by seamlessly connecting to enterprise directories, certificate authorities, physical access control systems, email servers, log servers, biometric fingerprint readers, PIN mailers, and more. With vSEC:CMS, you can issue credentials to employees, personalize them with authentication details, and manage the entire credential life cycle, directly from this off-the-shelf product.

The vSEC:CMS client-server architecture uses both an RPC framework and SOAP with the following protocols:

For simplicity, this guide refers to it as HTTP(S).

The following items comprise the main components of vSEC:CMS:

You can use an HSM to store the master keys used when performing administration key operations with the vSEC:CMS, such as registering a smart card token or PIN unblock operations. The vSEC:CMS interfaces with the HSM through the PKCS #11 protocol. You should use the HSM key management tools available from the HSM vendor for all management functions around the master key stored on the HSM.