Using Fortanix Data Security Manager With AppViewX CLMaaS

  • Updated on May 28, 2025
  • Published on Jun 26, 2024
  • 4 minute(s) read
Prev Next

1.0 Introduction

The integration between appviewX and Fortanix helps enterprises overcome the challenges brought by managing private keys in a complex infrastructure. appviewX acts as the automation and orchestration engine for the lifecycle management of X.509 certificates, and Fortanix-Data-Security-Manager (DSM) ensures the security of the private keys associated with those certificates in the cloud, on-premises or as a hybrid solution.

2.0 Prerequisites

3.0 Configure Fortanix DSM

A Fortanix DSM service must be configured, and the URL must be accessible. To create a Fortanix DSM account and group, refer to the following sections:

3.1 Signing Up

To get started with the Fortanix DSM cloud service, you must register an account at <Your_DSM_Service_URL>. For example, https://eu.smartkey.io.

For detailed steps on how to set up the Fortanix DSM, refer to the User's Guide: Sign Up for Fortanix Data Security Manager SaaS documentation.

3.2 Creating an Account

Access <Your_DSM_Service_URL> in a web browser and enter your credentials to log in to Fortanix DSM.

Figure 1: Logging in

For more information on how to set up an account in Fortanix DSM, refer to the User's Guide: Getting Started with Fortanix Data Security Manager - UI.

3.3 Creating a Group

Perform the following steps to create a group in the Fortanix DSM:

  1. In the DSM left navigation panel, click the Groups menu item, and then click the + button to create a new group.

    Figure 2: Add groups

  2. On the Adding new group page, do the following:

    1. Title: Enter a name for your group.

    2. Description (optional): Enter a short description of the group.

  3. Click SAVE to create the new group.

The new group is added to the Fortanix DSM successfully.

3.4 Creating an Application

Perform the following steps to create an application (app) in the Fortanix DSM:

  1. In the DSM left navigation panel, click the Apps menu item, and then click the + button to create a new app.

    Figure 3: Add application

  2. On the Adding new app page, do the following:

    1. App name: Enter the name for your application.

    2. ADD DESCRIPTION (optional): Enter a short description of the application.

    3. Authentication method: Select the default API Key as the authentication method from the drop down menu. For more information on these authentication methods, refer to the User's Guide: Authentication.

    4. Assigning the new app to groups: Select the group created in Section 4.3: Creating a Group from the list.

  3. Click SAVE to add the new application.

The new application is added to the Fortanix DSM successfully.

3.5 Copying the API Key

Perform the following steps to copy the API key from the Fortanix DSM:

  1. In the DSM left navigation panel, click the Apps menu item, and then click the app created in Section 3.4: Creating an Application to go to the detailed view of the app.

  2. On the INFO tab, click VIEW API KEY DETAILS.

  3. From the API Key Details dialog box, copy the API Key of the app to use it later in Vendor specific details in Section 4.0: Integrating Fortanix HSM with AppViewX CLMaas.

4.0 Integrating Fortanix HSM with AppViewX CLMaaS

The following are the steps to integrate Fortanix DSM with appviewX CMLSaaS:

  1. Make sure appviewX cloud connector is installed in your network. Communication from appviewX to Fortanix HSM will be routed through this cloud connector.

  2. Log in to the appviewX UI using valid credentials. By default, the Dashboard is displayed.

  3. From the top-right corner of the Dashboard, click DeviceIcon.png.

  4. From the menu displayed, select Inventory → Device.

    AppViewX-Device.png

    Figure 4: aapviewX Dashboard

    The Device :: ADC page is displayed.

  5. Under the HSM tab, from the navigation pane on the left, select Fortanix.

    AppViewX-HSMDevice.png

    Figure 5: Fortanix HSM device

  6. In the General Information section, enter/select the following details:

    • Name*: Enter a name for this integration.

    • Description: Enter a description for the integration.

    • Implementation type: Select the implementation type.

    • Data center*: From the dropdown list, from the list of applicable values, select the required data center.

      NOTE

      The data center selected here is used to map the appviewX Cloud Connector for this integration.

  7. In the Vendor specific details section, enter/select the following details:

    • API Key*: Fortanix DSM app credentials.

    • Key handler name*: A reference name to create a Master Encryption key in HSM. This enables us to pick the right MEK for crypto operations over KEK.

    • So file location*: The SO file is used to facilitate the communication between the HSM and appviewX.
      To upload the .so file:

      1. Click Browse.

      2. Navigate to the location of the .so file.

      3. Select the .so file and click Open.

    • Config file location: The Config file is used to facilitate the communication between the HSM and appviewX.
      To upload the .conf file:

      1. Click Browse.

      2. Navigate to the location of the .conf file.

      3. Select the .conf file and click Open.

  8. Click Save.

  9. Scroll to the end of this page to view the table that will be populated with all the details of this HSM.
    If the HSM has been configured correctly, the Status for the HSM will be set to Available (after checking the encryption and decryption logic).
    If the Status is Not Available:

    • Check the installation path for the HSM.

    • Ensure that all required permissions have been enabled.

  10. If the implementation type is CSR Generation, to generate the CSR, follow the steps given here: