Install Futurex PKCS #11 (FXPKCS11)

install fxpkcs11 on the same computer as the application that integrates with the hsm perform the following steps to install {{futurex}} pkcs #11 for a linux environment, download the tarball of the pkcs #11 binaries from the {{futurex}} portal e xtract the tar file locally where you want to install the application on your file system for the {{futurex}} pkcs #11 module to be accessible system wide, an administrative user must place it in /usr/local/bin if only the current user needs to use the module, then installing into $home/bin is appropriate the extracted content of the tar file is a single fxpkcs11 directory this directory contains the following files and directories (only the files and folders relevant to the installation process are included in this list) file name or directory description fxpkcs11 cfg pkcs #11 configuration file to use for hsm integrations fxpkcs11 kms cfg (you might not use this file ) pkcs #11 configuration file to use for {{k3}} integrations x86/ this folder contains the module files for the 32 bit architecture x64/ this folder contains the module files for the 64 bit architecture the x86 and x64 directories contain multiple directories named for the specific openssl versions these openssl directories contain the pkcs #11 module files built with the respective openssl versions file name description configtest program to test the configuration and connection to the hsm libfxpkcs11 so pkcs #11 library file pkcs11manager program to test the connection and manage the hsm through the pkcs #11 library the configtest and pkcs11manager programs look for the pkcs #11 configuration file in the /etc directory you must either move the file from the /usr/local/bin/fxpkcs11 directory to the /etc directory or set the fxpkcs11 cfg environment variable to point to it set file permissions required by the installer in the final section of this integration guide, the zettaset xcrypt full disk installer script runs certain commands with the ztsca user because of this, the ztsca user must have full permissions on the fxpkcs11 module, configuration, and log files the simplest way to do this is to make the pkcs11 group the owner of the fxpkcs11 files the ztsca user is a part of this group to make this configuration, execute the following commands sudo chown r \ pkcs11 /usr/local/bin/fxpkcs11 sudo chown \ pkcs11 /etc/fxpkcs11 cfg sudo chown \ pkcs11 /tmp/fxpkcs11 log