p11-kit man page

p11-kit — Tool for operating on configured PKCS#11 modules


p11-kit list-modules

p11-kit extract ...


p11-kit is a command line tool that can be used to perform operations on PKCS#11 modules configured on the system.

See the various sub commands below. The following global options can be used:

-v, --verbose

Run in verbose mode with debug output.

-q, --quiet

Run in quiet mode without warning or failure messages.

List Modules

List system configured PKCS#11 modules.

$ p11-kit list-modules

The modules, information about them and the tokens present in the PKCS#11 modules will be displayed.


Extract certificates from configured PKCS#11 modules.

See trust(1) for more information

Extract Trust

Extract standard trust information files.

See trust(1) for more information


Run a PKCS#11 module remotely.

$ p11-kit remote /path/to/pkcs11-module.so

This is not meant to be run directly from a terminal. But rather in a remote option in a pkcs11.conf(5) file.


Please send bug reports to either the distribution bug tracker or the upstream bug tracker at https://bugs.freedesktop.org/enter_bug.….

See Also


Further details available in the p11-kit online documentation at http://p11-glue.freedesktop.org/doc/p11….

Referenced By

pkcs11.conf(5), trust(1).

Explore man page connections for p11-kit(8).