Getting started
Cosmian KMS can be installed on various platforms, including Docker, Ubuntu, Rocky Linux, macOS, and Windows.
It is prepackaged with an integrated web ui (except for macOS) that is available on the /ui path of the server.
The KMS is also available on the marketplaces of major cloud providers, prepackaged to run confidentially in a Cosmian VM. Please check this page for more information.
When installed using the options below, the KMS server will be automatically configured to run using an SQLite database. If you wish to change the database configuration, please refer to the database guide.
For high availability and scalability, refer to the High Availability Guide.
Cosmian CLI
The Cosmian CLI lets you interact with the KMS from the command line. Install it from Cosmian CLI and configure it.
Run the container as follows:
- The KMS UI is available at
http://localhost:9998/ui. - The KMS REST API is available on
http://localhost:9998, - The server stores its data inside the container in the
/root/cosmian-kms/sqlite-datadirectory.
A FIPS version is also available:
To persist data between restarts, mount the /root/cosmian-kms/sqlite-data path to a filesystem
directory or a Docker volume:
docker run --rm -p 9998:9998 \
-v cosmian-kms:/root/cosmian-kms/sqlite-data \
--name kms ghcr.io/cosmian/kms:latest
A custom configuration file can be provided by mounting it in the container:
Download the package and install it:
sudo apt update && sudo apt install -y wget
wget https://package.cosmian.com/kms/5.11.0/debian10/cosmian-kms-server_5.11.0-1_amd64.deb
sudo apt install ./cosmian-kms-server_5.11.0-1_amd64.deb
sudo cosmian_kms --version
Or install the FIPS version:
wget https://package.cosmian.com/kms/5.11.0/debian10/cosmian-kms-server-fips_5.11.0-1_amd64.deb
sudo apt install ./cosmian-kms-server-fips_5.11.0-1_amd64.deb
sudo cosmian_kms --version
A cosmian_kms service will be configured; the service file is located at /etc/systemd/system/cosmian_kms.service.
To start the KMS, run:
- The server uses the configuration file located at
/etc/cosmian/kms.toml. - The KMS UI is available at
http://localhost:9998/ui.
Download the package and install it:
sudo apt update && sudo apt install -y wget
wget https://package.cosmian.com/kms/5.11.0/ubuntu-22.04/cosmian-kms-server_5.11.0-1_amd64.deb
sudo apt install ./cosmian-kms-server_5.11.0-1_amd64.deb
sudo cosmian_kms --version
Or install the FIPS version:
wget https://package.cosmian.com/kms/5.11.0/ubuntu-22.04/cosmian-kms-server-fips_5.11.0-1_amd64.deb
sudo apt install ./cosmian-kms-server-fips_5.11.0-1_amd64.deb
sudo cosmian_kms --version
A cosmian_kms service will be configured; the service file is located at /etc/systemd/system/cosmian_kms.service.
To start the KMS, run:
- The server uses the configuration file located at
/etc/cosmian/kms.toml. - The KMS UI is available at
http://localhost:9998/ui.
Download the package and install it:
sudo apt update && sudo apt install -y wget
wget https://package.cosmian.com/kms/5.11.0/ubuntu-24.04/cosmian-kms-server_5.11.0-1_amd64.deb
sudo apt install ./cosmian-kms-server_5.11.0-1_amd64.deb
sudo cosmian_kms --version
Or install the FIPS version:
wget https://package.cosmian.com/kms/5.11.0/ubuntu-24.04/cosmian-kms-server-fips_5.11.0-1_amd64.deb
sudo apt install ./cosmian-kms-server-fips_5.11.0-1_amd64.deb
sudo cosmian_kms --version
A cosmian_kms service will be configured; the service file is located at /etc/systemd/system/cosmian_kms.service.
To start the KMS, run:
- The server uses the configuration file located at
/etc/cosmian/kms.toml. - The KMS UI is available at
http://localhost:9998/ui.
Download the package and install it:
sudo dnf update && sudo dnf install -y wget
wget https://package.cosmian.com/kms/5.11.0/rockylinux8/cosmian_kms_server-5.11.0-1.x86_64.rpm
sudo dnf install ./cosmian_kms_server-5.11.0-1.x86_64.rpm
sudo cosmian_kms --version
To start the KMS, run:
- The server uses the configuration file located at
/etc/cosmian/kms.toml. - The KMS UI is available at
http://localhost:9998/ui.
Download the package and install it:
sudo dnf update && sudo dnf install -y wget
wget https://package.cosmian.com/kms/5.11.0/rockylinux9/cosmian_kms_server-5.11.0-1.x86_64.rpm
sudo dnf install ./cosmian_kms_server-5.11.0-1.x86_64.rpm
sudo cosmian_kms --version
To start the KMS, run:
- The server uses the configuration file located at
/etc/cosmian/kms.toml. - The KMS UI is available at
http://localhost:9998/ui.
Download the installer for your architecture and run it:
- Apple Silicon (ARM64):
```sh
open https://package.cosmian.com/kms/5.11.0/macos/cosmian-kms-server_5.11.0_arm64.dmg
```
Then drag-and-drop the app to Applications or follow the DMG instructions.
After installation, run:
```sh
/Applications/Cosmian\ KMS\ Server.app/Contents/MacOS/cosmian_kms --version
/Applications/Cosmian\ KMS\ Server.app/Contents/MacOS/cosmian_kms
```
- The server uses the configuration file located at
/etc/cosmian/kms.toml. - The KMS UI is available at
http://localhost:9998/ui.
On Windows, download the NSIS installer:
Run the installer to install Cosmian KMS Server. The installer will:
- Install the KMS server with integrated web UI
- Set up the configuration file at %LOCALAPPDATA%\Cosmian KMS Server\kms.toml
After installation, you can run the server:
To start the KMS server:
- The KMS UI is available at
http://localhost:9998/ui - The server uses the configuration file located at
%LOCALAPPDATA%\Cosmian KMS Server\kms.toml - See the server configuration for more information