The Security Module Database Tool, modutil, is a command-line utility for managing PKCS #11 (Cryptographic Token Interface Standard) module information within secmod.db files or within hardware tokens. You can use the tool to add and delete PKCS #11 modules, change passwords, set defaults, list module contents, enable or disable slots, enable or disable FIPS-140-1 compliance, and assign default providers for cryptographic operations. This tool can also create key3.db, cert7.db, and secmod.db security database files. For more information on this tool, see http://www.mozilla.org/projects/security/pki/nss/tools/modutil.html.
Add a new PKCS11 module or token.
modutil -add ${token.module.name} -nocertdb -force -mechanisms RSA:DSA:RC4:DES -libfile ${SCA.lib.path} -dbdir ${admin.domain.dir}/${admin.domain}/config |
Delete a PKCS11 module from an NSS store.
modutil -delete ${token.module.name} -nocertdb -force -mechanisms RSA:DSA:RC4:DES -libfile ${SCA.lib.path} -dbdir ${admin.domain.dir}/${admin.domain}/config |
List available token modules in an NSS store.
modutil -list -dbdir ${admin.domain.dir}/${admin.domain}/config |