Futurex
Prerequisites
- KMES Host API URL and port number
- Login credentials
For links to detailed instructions on getting the above information from Futurex, see the References section.
- Internet access or a proxy configuration for the AppViewX server. Refer the Managing Proxy Settings documentation in the Platform guides.
Configuring a Futurex CA Account in AppViewX
-
Go to
(Menu) > CERT+ >
ADMINISTRATION > Certificate
Authority.
The Certificate Authority page is displayed. -
On the Certificate Authority page, from the CA list displayed in the
left, select Futurex.
If this is the first Futurex CA setting to be onboarded in AppViewX, the Certificate Authority page is updated to display the Configure Now button for Futurex.
If this is a subsequent CA setting, the Certificate Authority is updated to display an inventory of the existing Futurex CA settings.
-
To onboard your first Futurex account setting in AppViewX, click
Configure Now.
OR
Click +Add.
The Certificate Authority page is updated to display the form fields for onboarding a Futurex account. -
Enter/Select the General Information for the CA account.
Table 1. General Information - Field Description Table Fields Description *CA Account name A unique name to identify the CA setting. No special characters other than ‘.’, ‘-’,’_’ are allowed. Names should not start with special characters. Constraints:- Only the following special characters are considered valid: ., -, and _.
- The CA account name cannot start with a special character (including the valid ones).
*Purpose/Usage From the dropdown list, select the certificate type (server, client, and code signing) for which the CLM actions have to be enabled. Proxy Required If the CA communication has to happen via a proxy, select this checkbox. Proxy settings configured in the Platform module of the product will be used for the communication. To read more on how the proxy is set up, click Managing Proxy Settings.
Data Center (AppViewX's CA agent) From the dropdown list, select the data center through which the CA communication will be routed. *: Mandatory fields -
Enter/Select the CA Configuration details.
Table 2. General Information - Field Description Table Fields Description *API Endpoint Enter the endpoint URL of the KMES remote host, without the port number. Constraints:- Valid input values
- Letters (a–z, A–Z)
- Numbers (0–9)
- Hyphen (-)
- Period (.)
- Forward slash (/)
- Colon (:)
- Protocol prefix (
http://orhttps://)
- Invalid input values
- Port numbers (for example, 443)
- Backslash (\)
- Single and double quotation marks (', ")
- Angle brackets (<, >)
- Braces ({, })
- Caret (^)
- Pipe (|)
- Backtick (`)
*Port Enter the KMES host API port number. Constraints:- Only numeric values are allowed.
- Input value must be in the range 1 - 65535.
*Authentication method From the dropdown list, select the authentication method that will be used for connecting to the KMES host API. Currently, for onboarding a Futurex CA setting, AppViewX supports authentication only via Username and Password. The corresponding value in the dropdown list is selected, by default.
*Number of logins required Futurex issues multiple login credential sets to each account. For stronger security, users can be asked to login with more than one credential set. To set how many credentials a user must provide for authentication, enter the required number in this field.
Valid values: 1 to 9
*User Name Enter the username for connecting to Futurex KMES host API. *Password Enter the password for connecting to Futurex KMES host API. Add To add the above configured CA setting to the FutureX CA settings inventory in AppViewX, click Add. Client Certificate required [Optional] To use a client certificate to communicate with the host API endpoint, turn on the Client Certificate required toggle. This will require users to provide a valid PKCS12 client certificate, in the .p12 or .pfx format, for authentication before they are connected to the Futurex KMES host API.
Client Authentication Certificate This field is displayed when the Client Certificate required security feature is enabled. Note: Only .p12 and .pfx PKCS12 client certificates can be uploaded for authentication.To upload a client certificate for authentication:- Click Upload.
- Navigate to the location of the client certificate file and select the required certificate file.
*: Mandatory fields - Valid input values
-
To retrieve the complete list of issuance policies supported by this
Futurex CA setting, click Fetch Issuance
Policies.
An issuance policy defines the rules, restrictions, and configuration for how a Certificate Authority (CA) issues certificates. It controls the approval requirements, cryptographic settings, alerts, and other configuration parameters.The retrieved list is displayed in a table below the Fetch Issuance Policies button.
-
Click Save.
In the CA instance inventory, the connection status is initially set to In Progress. Twice after this, this status is automatically checked and refreshed every 5 seconds. Once the CA instance is successfully configured, the status is updated to Success. Status checks after the first two times have to be done manually.Note: In case the connection fails, you can manually verify the connection status by clicking the Check button in the Connection Status field.
Manually Validating the CA Connection Status
-
Go to
(Menu) > CERT+ >
ADMINISTRATION > Certificate
Authority.
The Certificate Authority page is displayed.
-
On the Certificate Authority page, from the CA list displayed in the
left, select Futurex.
The Certificate Authority page is updated to display an inventory of all Futurex settings onboarded in AppViewX.
-
In the Connection Status column of the inventory grid, click
Check to validate the CA setting.
The CA communication will be validated and the Connection Status will be updated toSuccess/Failure.
