Appendix: Futurex certification process

the futurex certification process is a rigorous and standardized approach to testing and certifying integrations between third party applications and the {{futurex}} hsms and key management servers (such as the {{k3}} ) the certification process is designed to ensure that third party application integrations are fully tested and validated in a lab environment before being deployed in a production environment the {{futurex}} integration engineering team implements this process so that customers can have confidence that third party applications integrate seamlessly with {{futurex}} hsms and {{k3}} devices, and that all operations result in the expected behavior the certification process involves the following steps, including research, testing, troubleshooting, and certification research the third party application to gain a general understanding of the solution and the protocol it uses to integrate with an hsm or kms device (such as pkcs #11, microsoft cng, jce, openssl engine, and kmip) determine the scope of the third party application use of the hsm or kms device, including the specific functionalities it uses (such as data encryption, key protection, entropy, and so on) install and configure the third party application in a lab environment, where all testing and validation will take place establish a connection between the third party application to the {{futurex}} device, which typically involves configuring tls certificates and creating roles and identities that the third party application uses to connect and authenticate to the {{futurex}} device initiate a request from the third party application to the {{futurex}} device, such as generating keys or certificates, encrypting or decrypting data, or other cryptographic functions if any errors occur during the testing process, the integration engineering team diagnoses the issues and takes necessary corrective actions if necessary, the team also documents any errors by creating engineering change requests (ecrs) to address and resolve all issues before certification after any necessary engineering changes have been made, the team performs a new end to end test to ensure that all errors have been resolved and that all operations are successful certify the integration by creating an integration guide that covers all necessary prerequisites, configurations required in both the third party application and the {{futurex}} device, and how to test functionality research the third party application to gain a general understanding of the solution and the protocol it uses to integrate with an hsm or kms device (such as pkcs #11, microsoft cng, jce, openssl engine, and kmip) determine the scope of the third party application use of the hsm or kms device, including the specific functionalities it uses (such as data encryption, key protection, entropy, and so on) install and configure the third party application in a lab environment, where all testing and validation takes place establish a connection between the third party application to the {{futurex}} device, which typically involves configuring tls certificates and creating roles and identities that the third party application uses to connect and authenticate to the {{futurex}} device initiate a request from the third party application to the {{futurex}} device, such as generating keys or certificates, encrypting or decrypting data, or other cryptographic functions if any errors occur during the testing process, the integration engineering team diagnoses the issues and takes necessary corrective actions if necessary, the team also documents any errors by creating engineering change requests (ecrs) to address and resolve all issues before certification after any necessary engineering changes have been made, the team performs a new end to end test to ensure that all errors have been resolved and that all operations are successful certify the integration by creating an integration guide that covers all necessary prerequisites, configurations required in both the third party application and the futurex device, and how to test functionality overall, following these steps helps ensure that the integration between the third party application and the {{fu}} device is fully tested and validated, and that any errors or issues are resolved before the integration is certified as fully supported