KMF Keystore Management
KMF manages the keystores for three public key technologies, PKCS #11 tokens, NSS,
and OpenSSL. For all of these technologies, the pktool command enables you to
do the following:
Designate a keystore for each certificate and PIN.
Generate a self-signed certificate.
Generate a certificate request.
Generate a symmetric key.
Import objects into the keystore.
List the objects in the keystore.
Delete objects from the keystore.
Download a CRL.
For the PKCS #11 and NSS technologies, the pktool command also enables you
to set a PIN by generating a passphrase:
For examples of using the pktool utility, see the pktool(1) man page
and Using the Key Management Framework (Task Map).