Certificate Authority
Red Hat Certificate System (RH...

Install Futurex PKCS #11

1min

In a Linux environment, you can download a tarball of the Futurex PKCS #11 (FXPKCS11) binaries from the Futurex Portal and then extract the tar file locally where you want to install the application on your system. The following section provides step-by-step installation instructions.

Note: Install FXPKCS11 on the same computer as the application integrating with the KMES Series 3.

1

For a Linux Environment, download the tarball of the PKCS #11 binaries from the Futurex Portal.

2

Extract the .tar file locally where you want to install the application in your file system.

If you need the Futurex PKCS #11 module to be accessible system-wide, an administrative user needs to install it in /usr/local/bin. If only the current user needs to use the module, install it $HOME/bin.

3

The extracted content of the .tar file is a single fxpkcs11 directory, which contains the following files and directories (only files and folders that are relevant to the installation process are shown here):

Filename or directory

Description



fxpkcs11.cfg



PKCS #11 configuration file to use for HSM Integrations.



fxpkcs11-kms.cfg

PKCS #11 configuration file to use for KMES Series 3 integrations.



x86/

This folder contains the module files for 32-bit architecture.



x64/

This folder contains the module files for 64-bit architecture.


4

The x86 and x64 directories have multiple directories named for the specific OpenSSL versions. These OpenSSL directories contain the PKCS #11 module files, built with the respective OpenSSL versions.

File name

Description



configTest

Program to test configuration and connection to the HSM.



libfxpkcs11.so

PKCS #11 Library file.



PKCS11Manager

Program to test connection and manage the HSM through the PKCS #11 library.


5

The configTest and PKCS11Manager programs look for the PKCS #11 configuration file in the /etc directory. You must either move the file from the /usr/local/bin/fxpkcs11 directory to the /etc directory or set the FXPKCS11_CFG environment variable to point to the PKCS #11 configuration file.

If using the KMES version of the PKCS #11 configuration file (i.e, fxpkcs11-kms.cfg), rename the file to fxpkcs11.cfg.



Updated 25 Feb 2024
Did this page help you?
PREVIOUS
Before you start
NEXT
Configure KMES Series 3
Docs powered by Archbee