pkcs11-destroy

PKCS11-DESTROY(8)                    BIND9                   PKCS11-DESTROY(8)



NAME
       pkcs11-destroy - destroy PKCS#11 objects

SYNOPSIS
       pkcs11-destroy [-m module] [-s slot] {-i ID | -l label} [-p PIN]
                      [-w seconds]

DESCRIPTION
       pkcs11-destroy destroys keys stored in a PKCS#11 device, identified by
       their ID or label.

       Matching keys are displayed before being destroyed. By default, there
       is a five second delay to allow the user to interrupt the process
       before the destruction takes place.

ARGUMENTS
       -m module
           Specify the PKCS#11 provider module. This must be the full path to
           a shared library object implementing the PKCS#11 API for the
           device.

       -s slot
           Open the session with the given PKCS#11 slot. The default is slot
           0.

       -i ID
           Destroy keys with the given object ID.

       -l label
           Destroy keys with the given label.

       -p PIN
           Specify the PIN for the device. If no PIN is provided on the
           command line, pkcs11-destroy will prompt for it.

       -w seconds
           Specify how long to pause before carrying out key destruction. The
           default is five seconds. If set to 0, destruction will be
           immediate.

SEE ALSO
       pkcs11-list(3), pkcs11-keygen(3)

AUTHOR
       Internet Systems Consortium

COPYRIGHT
       Copyright © 2009 Internet Systems Consortium, Inc. ("ISC")



BIND9                            Sep 18, 2009                PKCS11-DESTROY(8)