Provided by: step-ca_0.15.15-4_amd64 
NAME
step-pkcs11-init - initialize PKI for step-ca
DESCRIPTION
The step-pkcs11-init command initializes a public key infrastructure (PKI) to be used by
step-ca.
This tool is experimental and in the future it will be integrated in step cli.
OPTIONS
-crt-cert string
PKCS #11 URI with object id and label to store the intermediate certificate.
(default "pkcs11:id=7331;object=intermediate-cert")
-crt-key string
PKCS #11 URI with object id and label to store the intermediate certificate.
(default "pkcs11:id=7331;object=intermediate-key")
-force
Force the delete of previous keys.
-key string
Path to the root key to use.
-kms string
PKCS #11 URI with the module-path and token to connect to the module. (default
"pkcs11:module-path=/usr/lib/x86_64-linux-gnu/pkcs11/yubihsm_pkcs11.so;token=YubiHSM")
-no-certs
Do not store certificates in the module.
-pin string
PKCS #11 PIN
-root string
Path to the root certificate to use.
-root-cert string
PKCS #11 URI with object id and label to store the root certificate. (default
"pkcs11:id=7330;object=root-cert")
-root-key string
PKCS #11 URI with object id and label to store the root key. (default
"pkcs11:id=7330;object=root-key")
-root-only
Store only only the root certificate and sign and intermediate.
-ssh
Enable the creation of ssh keys.
-ssh-host-key string
PKCS #11 URI with object id and label to store the key used to sign SSH host
certificates. (default "pkcs11:id=7332;object=ssh-host-key")
-ssh-user-key string
PKCS #11 URI with object id and label to store the key used to sign SSH user
certificates. (default "pkcs11:id=7333;object=ssh-user-key")
COPYRIGHT
(c) 2018-2020 Smallstep Labs, Inc.
AUTHOR
This manpage was written by Peymaneh Nejad for the Debian distribution and can be used for
any other usage of the program.