Appendix: Futurex certification process

the {{futurex}} certification process is a rigorous and standardized approach to testing and certifying integrations between third party applications and {{futurex}} hsms and key management servers (such as {{k3}} ) the certification process ensures that we fully test and validate third party application integrations in a lab environment before deploying them in a production environment our integration engineering team implements this process so that you can be confident that third party applications integrate seamlessly with {{futurex}} hsms and {{k3}} devices and that all operations result in the expected behavior the certification process involves several steps, including research, testing, troubleshooting, and certification, and is fully documented in an integration guide for each integration the full process includes the following steps research the third party application to gain a general understanding of the solution and the protocol it uses to integrate with an hsm or kms device (such as pkcs #11, microsoft cng, jce, openssl engine, and kmip) determine the scope of the third party application use of the hsm or kms device, including the specific functionalities it uses (for example, data encryption, key protection, entropy, and so on) install and configure the third party application in a lab environment, where all testing and validation takes place establish a connection between the third party application and the {{futurex}} device, which typically involves configuring tls certificates and creating roles and identities that the third party application uses to connect and authenticate to the {{futurex}} device initiate a request from the third party application to the {{futurex}} device, such as generating keys or certificates, encrypting or decrypting data, or performing other cryptographic functions if any errors occur during the testing process, the integration engineering team diagnoses the issues and takes necessary corrective actions if necessary, the team also documents the errors by creating engineering change requests (ecrs) to ensure all issues are addressed and resolved before certification after any necessary engineering changes have been made, the team performs a new end to end test to ensure that all errors are resolved and all operations are successful certify the integration by creating an integration guide that covers all necessary prerequisites, lists configurations required in both the third party application and the {{futurex}} device, and provides instructions to test functionality by following these steps, we ensure that the integration between the third party application and the {{futurex}} device is fully tested and validated and that we resolve any errors or issues before we certify the integration as fully supported