Valid on z/OS.
Use the UNBIND keyword with the P11TOKEN function to remove a certificate from a PKCS#11 token.
The certificate to be removed is identified by one of:
The keyword has the following format:
TSS P11TOKEN UNBIND
LABLCTKN(token name)
SEQNUM(nnnnnnnn)|LABLCERT(certificate label)
TOKNUSER(userid)
FORCE
Specifies the name of the token being deleted. The token must already exist.
Specifies the sequence number of the certificate to remove from the token. If the certificate is not defined to CA Top Secret, then FORCE must be specified. LABLCERT and SEQNUM are mutually exclusive.
Specifies the digital certificate label name of the certificate to unbind. TOKNUSER must also be specified. LABLCERT and SEQNUM are mutually exclusive.
Specifies the userid for the digital certificate.
Specifies that the certificate is to be removed even if it is not defined to CA Top Secret. May only be used when SEQNUM is specified.
This keyword is used with MISC3(PTOK) authority.
Controlled by ICSF using resources in the CRYPTOZ class. Authority to resources in the IBMFAC class is not required.
|
Copyright © 2014 CA Technologies.
All rights reserved.
|
|