Versasec vSEC:CMS

this document shows how to configure the {{futurex}} {{ch}} with versasec vsec\ cms by using {{futurex}} pkcs #11 libraries for additional questions about your {{ch}} device, see the relevant user guide application description from the versasec documentation website vsec\ cms is an innovative, easily integrated, and cost effective credential management system (cms) designed to assist you in deploying and managing credentials within your organization vsec\ cms is fully functional with minidriver enabled credentials, such as smart cards, usb tokens, and virtual smart cards, including windows hello for business (whfb) it streamlines all aspects of credential management by seamlessly connecting to enterprise directories, certificate authorities, physical access control systems, email servers, log servers, biometric fingerprint readers, pin mailers, and more with vsec\ cms, you can issue credentials to employees, personalize them with authentication details, and manage the entire credential life cycle, directly from this off the shelf product architecture the vsec\ cms client server architecture uses both an rpc framework and soap with the following protocols grpc with http/2 or http/2 over tls soap with http or https for simplicity, this guide refers to it as http(s) main components the following items comprise the main components of vsec\ cms vsec\ cms service this windows service manages the vsec\ cms database and operator account management for authorized users it operates as a windows service, defaulting to run under the system account vsec\ cms soap/grpc service another windows service, this component facilitates communication with the vsec\ cms service it serves as the soap/grpc service for the vsec\ cms agent, vsec\ cms admin, and the vsec\ cms user application vsec\ cms agent or vsec\ cms admin each operator uses either of these components, operating within the user's context vsec\ cms user application this component, executed on an end user workstation, enables self service credential operations with both conventional smart cards and virtual smart cards hsm support in vsec\ cms you can use an hsm to store the master keys used when performing administration key operations with the vsec\ cms, such as registering a smart card token or pin unblock operations the vsec\ cms interfaces with the hsm through the pkcs #11 protocol you should use the hsm key management tools available from the hsm vendor for all management functions around the master key stored on the hsm