lunar (1) step-pkcs11-init.1.gz
NAME
step-pkcs11-init - initialize PKI for step-ca
DESCRIPTION
The step-pkcs11-init command initializes a public key infrastructure (PKI) to be used by step-ca. This tool is experimental and in the future it will be integrated in step cli.
OPTIONS
-crt-cert string PKCS #11 URI with object id and label to store the intermediate certificate. (default "pkcs11:id=7331;object=intermediate-cert") -crt-key string PKCS #11 URI with object id and label to store the intermediate certificate. (default "pkcs11:id=7331;object=intermediate-key") -force Force the delete of previous keys. -key string Path to the root key to use. -kms string PKCS #11 URI with the module-path and token to connect to the module. (default "pkcs11:module-path=/usr/lib/x86_64-linux-gnu/pkcs11/yubihsm_pkcs11.so;token=YubiHSM") -no-certs Do not store certificates in the module. -pin string PKCS #11 PIN -root string Path to the root certificate to use. -root-cert string PKCS #11 URI with object id and label to store the root certificate. (default "pkcs11:id=7330;object=root-cert") -root-key string PKCS #11 URI with object id and label to store the root key. (default "pkcs11:id=7330;object=root-key") -root-only Store only only the root certificate and sign and intermediate. -ssh Enable the creation of ssh keys. -ssh-host-key string PKCS #11 URI with object id and label to store the key used to sign SSH host certificates. (default "pkcs11:id=7332;object=ssh-host-key") -ssh-user-key string PKCS #11 URI with object id and label to store the key used to sign SSH user certificates. (default "pkcs11:id=7333;object=ssh-user-key")
COPYRIGHT
(c) 2018-2020 Smallstep Labs, Inc.
AUTHOR
This manpage was written by Peymaneh Nejad for the Debian distribution and can be used for any other usage of the program.