Provided by: opencryptoki_3.4.1+dfsg-1ubuntu4.1_amd64 bug

NAME
       pkcsicsf - configuration utility for the ICSF token


SYNOPSIS
       pkcsicsf  [-h] [-l|-a token name] [-b BINDDN] [-c client-cert-file] [-C CA-cert-file] [-k privatekey] [-m
       mechanism] [-u URI]


DESCRIPTION
       The pkcsicsf utility lists available ICSF tokens and allows user  to  add  one  specific  ICSF  token  to
       opencryptoki.

       The  ICSF  token must be added first to opencryptoki. This creates an entry in the opencryptoki.conf file
       for the ICSF token. It also creates
        a token_name.conf configuration file in the same directory as  the  opencryptoki.conf  file,  containing
       ICSF specific information.  This information is read by the ICSF token.

       The ICSF token must bind and authenticate to an LDAP server.  The supported authentication mechanisms are
       simple  and sasl.  One of these mechanisms must be entered when listing the available ICSF tokens or when
       adding an ICSF token. Opencryptoki currently supports adding only one ICSF token.

       The system admin can either allow the ldap calls to utilize existing ldap configs, such as  ldap.conf  or
       .ldaprc  for  bind  and  authentication information or set the bind and authentication information within
       opencryptoki by using this utility and  its  options.   The  information  will  then  be  placed  in  the
       token_name.conf  file  to  be  used in the ldap calls. When using simple authentication, the user will be
       prompted for the racf password when listing or adding a token.


OPTIONS
       -a token name
                 add the specified ICSF token to opencryptoki.

       -b BINDND the distinguish name to bind when using simple authentication

       -c client-cert-file
                 the client certificate file when using SASL authentication

       -C CA-cert-file
                 the CA certificate file when using SASL authentication

       -h        show usage information

       -k privatekey
                 the client private key file when using SASL authentication

       -m mechanism
                 the authentication mechanism to use when binding to the LDAP  server  (this  should  be  either
                 simple or sasl)

       -l        list available ICSF tokens

       -h        show usage information


FILES
       /etc/opencryptoki/opencryptoki.conf
              the opencryptoki config file containing token configuration information

       /etc/opencryptoki/token_name.conf
              contains ICSF configuration information for the ICSF token


SEE ALSO
       opencryptoki(7),
       pkcsslotd(8).
       pkcsconf(8).

3.4.1                                              April 2013                                        PKCSICSF(1)