NAME

       pkcs11-destroy - destroy PKCS#11 objects

SYNOPSIS

       pkcs11-destroy [-m module] [-s slot] {-i ID | -l label} [-p PIN] [-w seconds]

DESCRIPTION

       pkcs11-destroy destroys keys stored in a PKCS#11 device, identified by their ID or label.

       Matching keys are displayed before being destroyed. By default, there is a five second delay to allow the
       user to interrupt the process before the destruction takes place.

ARGUMENTS

       -m module
           Specify the PKCS#11 provider module. This must be the full path to a shared library object
           implementing the PKCS#11 API for the device.

       -s slot
           Open the session with the given PKCS#11 slot. The default is slot 0.

       -i ID
           Destroy keys with the given object ID.

       -l label
           Destroy keys with the given label.

       -p PIN
           Specify the PIN for the device. If no PIN is provided on the command line, pkcs11-destroy will prompt
           for it.

       -w seconds
           Specify how long to pause before carrying out key destruction. The default is five seconds. If set to
           0, destruction will be immediate.

SEE ALSO

       pkcs11-list(3), pkcs11-keygen(3)

AUTHOR

       Internet Systems Consortium

COPYRIGHT

       Copyright © 2009 Internet Systems Consortium, Inc. ("ISC")

BIND9                                             Sep 18, 2009                                 PKCS11-DESTROY(8)