|
1 | 1 | --- |
2 | | -pcx_content_type: tutorial |
| 2 | +pcx_content_type: reference |
3 | 3 | title: Fortanix Data Security Manager |
4 | 4 | sidebar: |
5 | 5 | label: Fortanix DSM |
6 | 6 | --- |
7 | 7 |
|
8 | 8 | import { Example } from "~/components"; |
9 | 9 |
|
10 | | -This tutorial uses [Fortanix Data Security Manager (DSM)](https://www.fortanix.com/platform/data-security-manager) — a FIPS 140-2 Level 3 certified implementation. |
| 10 | +You can use Cloudfare Keyless SSL with [Fortanix Data Security Manager (DSM)](https://www.fortanix.com/platform/data-security-manager), a FIPS 140-2 Level 3 certified implementation. |
11 | 11 |
|
12 | | -## Before you begin |
13 | | - |
14 | | -Make sure you have: |
15 | | -- Signed up for a [Data Security Manager Enterprise Tier](https://www.fortanix.com/start-your-free-trial). |
16 | | -- [Created a group and an application](https://support.fortanix.com/docs/fortanix-data-security-manager-with-cloudflare-integration#53-creating-a-group) assigned to it. |
17 | | -- Selected API key as the application authentication method and copied the API key. The API key will be used in this tutorial. |
18 | | - |
19 | | -## 1. Deploy a Cloudflare key server |
20 | | - |
21 | | -Refer to [Get started](/ssl/keyless-ssl/configuration/) for available setups and more information. This guide is based on the [Public DNS](/ssl/keyless-ssl/configuration/public-dns/) option. It has been tested using a virtual machine (VM) deployed to Azure running Ubuntu 22.04.3 LTS. |
22 | | - |
23 | | -1. Generate a long random string to create a hostname such as `<RANDOM_STRING>.example.com`. Copy it for use in the next step. |
24 | | - |
25 | | -```bash |
26 | | -openssl rand -hex 12 |
27 | | -``` |
28 | | - |
29 | | -<Example> |
30 | | -Example: |
31 | | -```txt |
32 | | -d63de826d549ebef337bad80.test-cloudflare-fortanix.us |
33 | | -``` |
34 | | - |
35 | | -</Example> |
36 | | - |
37 | | -2. Create a configuration file for the certificate signing request (CSR). |
38 | | - |
39 | | -```bash |
40 | | -nano cloudflare.conf |
41 | | -``` |
42 | | - |
43 | | -<Example> |
44 | | -Below is an example of how to fill in the configuration file: |
45 | | - |
46 | | -```txt |
47 | | -[ req ] |
48 | | -default_bits = 2048 |
49 | | -distinguished_name = req_distinguished_name |
50 | | -req_extensions = req_ext |
51 | | -prompt = no |
52 | | -[ req_distinguished_name ] |
53 | | -countryName = GB |
54 | | -stateOrProvinceName = England |
55 | | -localityName = London |
56 | | -organizationName = Fortanix |
57 | | -commonName = d63de826d549ebef337bad80.test-cloudflare-fortanix.us |
58 | | -[ req_ext ] |
59 | | -subjectAltName = @alt_names |
60 | | -[alt_names] |
61 | | -DNS.1 = d63de826d549ebef337bad80.test-cloudflare-fortanix.us |
62 | | -``` |
63 | | -</Example> |
64 | | - |
65 | | -3. Create a CSR with the configuration file from the previous step. |
66 | | - |
67 | | -```bash |
68 | | -sudo openssl req -out keyserver.csr -newkey rsa:2048 -nodes -keyout keyserver.key -config cloudflare.conf |
69 | | -``` |
| 12 | +You must have a [Data Security Manager Enterprise Tier](https://www.fortanix.com/start-your-free-trial) and set up a group and an application assigned to the group. |
70 | 13 |
|
| 14 | +For detailed guidance, follow the tutorial in the [Fortanix documentation](https://support.fortanix.com/docs/fortanix-data-security-manager-with-cloudflare-integration#50-configure-fortanix-dsm). This guide is based on the Keyless SSL [public DNS](/ssl/keyless-ssl/configuration/public-dns/) option and has been tested using a virtual machine (VM) deployed to Azure running Ubuntu 22.04.3 LTS. |
0 commit comments