Generate RSA key pair on the Vectera Plus

perform the following steps to generate an rsa key pair for bitwarden on the {{vectera}} run the fxcli hsm program connect to the admin tls port on the hsm by using the connect tcp command before connecting, you must configure the tls certificates in fxcli by using the tls commands for additional details, see the fxcli hsm technical reference on the {{fu}} portal log in with both default admin identities when prompted, enter the username and password run the following command twice (once for admin1 and once for admin2 ) fxcli login user run the following command to generate a new private key in the next available key slot on the {{vectera}} you need this key in step 6 to create a self signed certificate fxcli generate \ algo rsa \ bits 4096 \ name bitwarden privatekey \ usage dek \ slot next run the following command to assign the value bitwarden to the label pkcs #11 attribute of the bitwarden privatekey key created in the preceding step fxcli keytable extdata slot 0 p11 attr label p11 value "bitwarden" the value set in the slot flag must match the key slot where you created the bitwarden privatekey run the following command to create a self signed certificate by using the private key generated on the hsm in the preceding step 4 fxcli x509 sign \ private slot 0 \ validity period "2 year" \ dn "cn=bitwarden key connector" \ ca false \ eku client \ key usage digitalsignature key usage keyagreement \ out bitwarden cert pem