debian man page for p11tool

Query: p11tool

OS: debian

Section: 1

Format: Original Unix Latex Style Formatted with HTML and a Horizontal Scroll Bar

p11tool(1)						      General Commands Manual							p11tool(1)

NAME
p11tool - Manipulate PKCS #11 tokens.
SYNOPSIS
p11tool [options]
DESCRIPTION
Export/import data from PKCS #11 tokens. To use PKCS #11 tokens with gnutls the configuration file /etc/gnutls/pkcs11.conf has to exist and contain a number of lines of the form "load=/usr/lib/opensc-pkcs11.so".
OPTIONS
Program control options -d, --debug LEVEL Specify the debug level. Default is 1. -h, --help Shows this help text Generic options --login Force login to the token for the intended operation. --provider MODULE In addition to /etc/gnutls/pkcs11.conf, load the specified module. --outfile FILE Print output to FILE. --inder, --inraw Input is DER formatted. Getting information on available X.509 certificates --list-tokens Prints all available tokens. --initialize URL Initializes (formats) the specified by the URL token. Note that several tokens do not support this fascility. Getting information on available X.509 certificates --list-all-certs Prints all available certificates. --list-certs Prints all certificates that have a corresponding private key stored in the token. --list-trusted Prints all certificates that have been marked as trusted. Getting information on private keys --list-privkeys Prints all available private keys. Handling generic objects --export URL Exports the object (e.g. certificate) specified by the URL. --delete URL Deletes the object specified by the URL. Note that several tokens do not support deletion. --detailed-url When printing URLs print them in a detailed (to the PKCS #11 module used) form. --no-detailed-url When printing URLs, do not print details on the module used. Storing objects --write URL Flag to set when writing an object. Requires one of --load-privkey, --load-pubkey, --load-certificate or --secret-key options. --load-privkey Load a private key for the write operations. --load-pubkey Load an X.509 subjectPublicKey for the write operation. --load-certificate Load an X.509 certificate for the write operation. --secret-key Specify a hex encoded secret key for the write operation. --trusted The object stored will be marked as trusted. --label The label of the object stored. Controlling output -8, --pkcs8 Use PKCS #8 format for private keys.
EXAMPLES
To store a private key and certificate, run: $ p11tool --login --write "pkcs11:XXX" --load-privkey key.pem --label "MyKey" $ p11tool --login --write "pkcs11:XXX" --load-certificate cert.pem --label "MyCert" To view all objects in a token, use: $ p11tool --login --list-all
AUTHOR
Nikos Mavrogiannopoulos <nmav@gnutls.org> and others; see /usr/share/doc/gnutls-bin/AUTHORS for a complete list. November 11th 2010 p11tool(1)
Related Man Pages
pkcs11-tool(1) - centos
p11tool(1) - debian
pkcs15-tool(1) - debian
danetool(1) - centos
gnutls_pkcs11_privkey_generate2(3) - centos
Similar Topics in the Unix Linux Community
Adding the individual columns of a matrix.
awk or sed - Convert 2 lines to 1 line
Is UNIX an open source OS ?
How to copy a column of multiple files and paste into new excel file (next to column)?
New UNIX and Linux History Sections