Key management
HashiCorp Vault - Managed Keys

Configure the Vectera Plus

2min

You can complete most tasks in this section by using either Excrypt Manager or FXCLI. The exception is the second option of task 7 (Create connection certificates for mutual authentication), for which you must use FXCLI.

You can optionally complete steps 4 through 6 by using the . Refer to the applicable guide for configuring HSMs for PKCS #11 integrations by using the .

If you use a virtual HSM for the integration, you must connect to it over the network through FXCLI, the Excrypt Touch, or the .

To establish a connection between the PKCS #11 library and the , perform the following configuration tasks:

  1. Connect to the HSM through the front USB port by using Excrypt Manager or FXCLI.
  2. Validate the enabled features on the HSM.
  3. Set up the network configuration.
  4. Load the FTK, PMK, and BEK major keys.
  5. Configure a transaction processing connection and create a new application partition.
  6. Create a new identity that has access to the new application partition.
  7. Configure TLS Authentication by using one of the following options:
    • Enable server-side authentication.
    • Create client certificates for mutual authentication.
  8. Enable the EDSVWU multi-usage combination for asymmetric keys.

Each of these action items is detailed in the following subsections.

Updated 12 Sep 2024
Did this page help you?
PREVIOUS
Install Futurex Command Line Interface (FXCLI)
NEXT
Connect to the HSM through the front USB port
Docs powered by Archbee