Introduction to p11-kit

The p11-kit package Provides a way to load and enumerate PKCS #11 (a Cryptographic Token Interface Standard) modules.

This package is known to build and work properly using an LFS 7.8-systemd platform.

Package Information

p11-kit Dependencies



NSS-3.20, GTK-Doc-1.24 and libxslt-1.1.28

User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/p11-kit

Installation of p11-kit

Install p11-kit by running the following commands:

./configure --prefix=/usr --sysconfdir=/etc &&

To test the results, issue: make check.

Now, as the root user:

make install

Command Explanations

--with-hash-impl=freebl: Use this switch if you want to use Freebl library from NSS for SHA1 and MD5 hashing.

--enable-doc: Use this switch if you have installed GTK-Doc-1.24 and libxslt-1.1.28 and wish to rebuild the documentation and generate manual pages.


Installed Program: p11-kit and trust
Installed Libraries: libp11-kit.so and p11-kit-proxy.so
Installed Directories: /etc/pkcs11, /usr/include/p11-kit-1, /usr/lib/{p11-kit,pkcs11}, /usr/share/gtk-doc/html/p11-kit, and /usr/share/p11-kit

Short Descriptions


is a command line tool that can be used to perform operations on PKCS#11 modules configured on the system.


is a command line tool to examine and modify the shared trust policy store.


contains functions used to coordinate initialization and finalization of any PKCS#11 module.


is the PKCS#11 proxy module.

Last updated on 2015-10-03 19:54:13 +0000