Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help 
PKCSICSF(1)			 openCryptoki			   PKCSICSF(1)

NAME
       pkcsicsf	- configuration	utility	for the	ICSF token

SYNOPSIS
       pkcsicsf	 [-h] [-l|-a token name] [-b BINDDN] [-c client-cert-file] [-C
       CA-cert-file] [-k privatekey] [-m mechanism] [-u	URI]

DESCRIPTION
       The pkcsicsf utility lists available ICSF tokens	and allows user	to add
       one specific ICSF token to opencryptoki.

       The ICSF	token must be added first to opencryptoki. This	creates	an en-
       try in the opencryptoki.conf file for the ICSF token. It	also creates
	a token_name.conf configuration	file in	 the  same  directory  as  the
       opencryptoki.conf file, containing ICSF specific	information.  This in-
       formation is read by the	ICSF token.

       The  ICSF token must bind and authenticate to an	LDAP server.  The sup-
       ported authentication mechanisms	are simple and	sasl.	One  of	 these
       mechanisms  must	 be  entered when listing the available	ICSF tokens or
       when adding an ICSF token. Opencryptoki currently supports adding  only
       one ICSF	token.

       The  system  admin  can either allow the	ldap calls to utilize existing
       ldap configs, such as ldap.conf or .ldaprc for bind and	authentication
       information or set the bind and authentication information within open-
       cryptoki	 by  using this	utility	and its	options.  The information will
       then be placed in the token_name.conf file  to  be  used	 in  the  ldap
       calls.  When using simple authentication, the user will be prompted for
       the racf	password when listing or adding	a token.

       The pkcsicsf utility must be run	as root	when adding an ICSF  token  to
       opencryptoki.

OPTIONS
       -a token	name
		 add the specified ICSF	token to opencryptoki.

       -b BINDND the distinguish name to bind when using simple	authentication

       -c client-cert-file
		 the client certificate	file when using	SASL authentication

       -C CA-cert-file
		 the CA	certificate file when using SASL authentication

       -h	 show usage information

       -k privatekey
		 the client private key	file when using	SASL authentication

       -m mechanism
		 the  authentication mechanism to use when binding to the LDAP
		 server	(this should be	either simple or sasl)

       -l	 list available	ICSF tokens

       -h	 show usage information

FILES
       /etc/opencryptoki/opencryptoki.conf
	      the opencryptoki config file containing token configuration  in-
	      formation

       /etc/opencryptoki/token_name.conf
	      contains ICSF configuration information for the ICSF token

SEE ALSO
       opencryptoki(7),
       pkcsslotd(8).
       pkcsconf(8).

3.19.0				  April	2013			   PKCSICSF(1)

Want to link to this manual page? Use this URL:
<https://man.freebsd.org/cgi/man.cgi?query=pkcsicsf&sektion=1&manpath=FreeBSD+Ports+14.3.quarterly>

home | help