pkcs11-destroy - Man Page

pkcs11-destroy — destroy PKCS#11 objects pkcs11-destroy — destroy PKCS#11 objects

pkcs11-destroy [-m module] [-s slot] [-i ID] [-l label] [-p PIN] [-w seconds]

pkcs11-destroy destroys keys stored in a PKCS#11 device, identified by their ID or label.

Matching keys are displayed before being destroyed. By default, there is a five-second delay to allow the user to interrupt the process before the destruction takes place.

-m module

This option specifies the PKCS#11 provider module. This must be the full path to a shared library object implementing the PKCS#11 API for the device.

-s slot

This option opens the session with the given PKCS#11 slot. The default is slot 0.

-i ID

This option destroys keys with the given object ID.

-l label

This option destroys keys with the given label.

-p PIN

This option specifies the PIN for the device. If no PIN is provided on the command line, pkcs11-destroy prompts for it.

-w seconds

This option specifies how long, in seconds, to pause before carrying out key destruction. The default is 5 seconds. If set to 0, destruction is immediate.

pkcs11-keygen(8), pkcs11-list(8), pkcs11-tokens(8)

Internet Systems Consortium

2021, Internet Systems Consortium

pkcs11-keygen(8), pkcs11-list(8), pkcs11-tokens(8).