pkcs11-destroy — destroy PKCS#11 objects pkcs11-destroy — destroy PKCS#11 objects
pkcs11-destroy [-m module] [-s slot] [-i ID] [-l label] [-p PIN] [-w seconds]
pkcs11-destroy destroys keys stored in a PKCS#11 device, identified by their ID or label.
Matching keys are displayed before being destroyed. By default, there is a five-second delay to allow the user to interrupt the process before the destruction takes place.
- -m module
This option specifies the PKCS#11 provider module. This must be the full path to a shared library object implementing the PKCS#11 API for the device.
- -s slot
This option opens the session with the given PKCS#11 slot. The default is slot 0.
- -i ID
This option destroys keys with the given object ID.
- -l label
This option destroys keys with the given label.
- -p PIN
This option specifies the PIN for the device. If no PIN is provided on the command line, pkcs11-destroy prompts for it.
- -w seconds
This option specifies how long, in seconds, to pause before carrying out key destruction. The default is 5 seconds. If set to 0, destruction is immediate.
pkcs11-keygen(8), pkcs11-list(8), pkcs11-tokens(8)
Internet Systems Consortium
2021, Internet Systems Consortium
pkcs11-keygen(8), pkcs11-list(8), pkcs11-tokens(8).