Install Futurex PKCS #11

the following process installs only the hsm version of the pkcs #11 configuration file for {{k}} integrations, you need to replace the \<hsm> section with a \<kms> section perform the following steps to install futurex pkcs #11 on the same windows or linux server where you have or plan to install apache http server windows in a windows environment, the easiest way to install the futurex pkcs #11 module is through installing fxtools download fxtools from the futurex portal after you download it, run the fxtools installer as an administrator by default, all tools are installed on the system however, you can overwrite and choose not to install certain modules the modules include the following options module description futurex client tools command line interface (cli) and associated sdk for both java and c futurex cng module the microsoft next generation cryptographic library futurex cryptographic service provider (csp) the legacy microsoft cryptographic libary futurex ekm module the microsoft enterprise key management library futurex pkcs #11 module the futurex pkcs #11 library and associated tools futurex secure access client the client connects a futurex excrypt touch to a local laptop through usb or a remote {{futurex}} device after starting the installation, all noted services are installed if you select the {{futurex}} secure access client, the process also installs the excrypt touch driver this tool might start minimized or run in the background after installation is complete, you can find all services in the c \program files\futurex directory the cng , csp , ekm , and pkcs #11 modules all require configuration files located in their corresponding directory with a cfg extension linux for a linux environment, download the tarball of the pkcs #11 binaries from the {{futurex}} portal extract the tar file locally where you want to install the application on your file system for the {{futurex}} pkcs #11 module to be accessible system wide, an administrative user needs to extract in /usr/local/bin if only the current user needs to use the module, then you can extract it in $home/bin the extracted content of the tar file is a single fxpkcs11 directory inside the fxpkcs11 directory are the following files and directories (only files and folders relevant to the installation process are included) filename/directory description fxpkcs11 cfg pkcs #11 configuration file to use for hsm integrations fxpkcs11 kms cfg pkcs #11 configuration file to use for {{k3}} integrations x86/ this folder contains the module files for 32 bit architecture x64/ this folder contains the module files for 64 bit architecture the x86 and x64 directories contain multiple directories named for the specific openssl versions these openssl directories contain the pkcs #11 module files, built with the respective openssl versions configtest program to test configuration and connection to the hsm libfxpkcs11 so pkcs #11 library file pkcs11manager program to test connection and manage the hsm through the pkcs #11 library because the configtest and pkcs11manager programs expect to find the pkcs #11 configuration file in the /etc directory, you must either move the file from the /usr/local/bin/fxpkcs11 directory to the /etc directory or set the fxpkcs11 cfg environment variable to point to the pkcs #11 configuration file if you're using the {{k}} version of the pkcs #11 configuration file ( fxpkcs11 kms cfg ), you must rename the file to fxpkcs11 cfg