GNU.WIKI: The GNU/Linux Knowledge Base

  [HOME] [PHP Manual] [HowTo] [ABS] [MAN1] [MAN2] [MAN3] [MAN4] [MAN5] [MAN6] [MAN7] [MAN8] [MAN9]

  [0-9] [Aa] [Bb] [Cc] [Dd] [Ee] [Ff] [Gg] [Hh] [Ii] [Jj] [Kk] [Ll] [Mm] [Nn] [Oo] [Pp] [Qq] [Rr] [Ss] [Tt] [Uu] [Vv] [Ww] [Xx] [Yy] [Zz]


       voms-proxy-init - create a proxy with VOMS extensions


       voms-proxy-init [options]


       The  voms-proxy-init  generates  a  proxy  with  the  VOMS  information
       included in a non critical extension.


       Options may be specified  indifferently  with  either  a  "-"  or  "--"
       prefix.  The  options  from -help to -out are present for compatibility
       with grid-proxy-init, and have the exact same meaning. The  meaning  of
       the other ones is the following.


       -usage Displays usage


       Displays version

       -debug Enables extra debug output


       -q Quiet mode, minimal output

       -verify Verifies proxy

       -pwstdin Allows passphrase from stdin

       -limited Creates a limited proxy

       -hours   H  Proxy  is  valid  for  H  hours (default:12) This option is
       deprecated and is only present for compatibility with  grid-proxy-init,
       since this option does not set the validity of the credentials returned
       by VOMS. Use -valid instead.

       -vomslife  H Tries to get a pseudo cert with information  valid  for  H
       hours.  The  default is "as long as the proxy certificate". The special
       value 0 means as  long  as  the  server  will  allow.  This  option  is
       deprecated,  since it does not set the validity of the generated proxy.
       Use -valid instead.

       -valid  HH:MM This option attempts to set the  validity  for  both  the
       proxy  and  the  credentials  returned  by  the VOMS server. The latter
       validity may however be shortened due to  server  policy.  This  option
       obsoletes  both  -hours and -vomslife, and should be used in preference
       to both

       -bits  B Number of bits in key {0|512|1024|2048|4096}. 0 is  a  special
       value which means: same number of bits as in the issuing certificate.

       -cert  certfile Non-standard location of user certificate

       -key  keyfile Non-standard location of user key

       -certdir    certdir   Non  standard  location  where  the  trusted  CAs
       certificates are kept.

       -out  proxyfile Location of new proxy cert

       -voms  voms[:command] Specifies the VOMS server to  contact  using  the
       nickname voms. It also allows to send a specific command to the server.
       The  default  command  is  :all,  and  it  gets  all  group  membership
       information.  Other  commands  are  :/Role=rolename  which  grants  the
       rolename   VO-wide   role   if    the    server    allows    it,    and
       :/group/Role=rolename  which grants the role rolename only in the group
       /group, again only if the server allows it.

       Example : voms-proxy-init --voms myVO:/myVO/Role=VO-Admin

       -order  fqan Specified fqans, if present, are put on top of the list of
       attributes returned by the server in the order in which they are passed
       (using more -order call). The order of the others is not specified.  If
       some  of  the  fqans  are  not returned no warning is given. Capability
       selection is not supported.

       -include  file Includes file in the  certificate  (in  a  non  critical

       -conf  file Read options from file.

       -confile  file

       -userconf  file

       -vomses   file  Specifies the name of a configuration file from which a
       list of nicknames is read. The format of the  file  is  the  following:
       nick  host  port  subject  vo where nick is the nickname, host and port
       are the hostname and port of the server  to  contact,  subject  is  the
       subject  of  the  server's  certificate, while vo is the name of the VO
       that owns the server. The default filenames are $PREFIX/etc/vomses  and

       Moreover,  permissions must be 644 if a file is specified, and 755 if a
       directory is specified

       The three options are synonyms. -confile and -userconf are  deprecated.
       -vomses should be used instead.

       -policy The file containing the policy expression.

       -policy-language pl

       -pl  pl  The  language  in  which  the  policy is expressed. Default is

       -path-length Maximum depth of proxy certfificate  that  can  be  signed
       from this.

       -globus   version  Underlying  Globus  version. This will influence the
       default value of the -proxyver.

       -proxyver Version of the proxy certificate to create. May be 2, 3 or 4.
       Default value is decided upon underlying globus version.

       -rfc  This  option  is  a  synonym  of  -proxyver  4 and it generates a
       RFC-compliant proxy.

       -old This option is a synonym of -proxyver 2 and it generates a  legacy

       -target   hostname  This  option targets the generated AC to a specific
       host. This option may be specified multiple times to allow for multiple

       -timeout   seconds  This option allows to specify the maximum number of
       seconds that voms-proxy-init will wait  while  trying  to  establish  a
       connection with the server. Its default value is -1 (unlimited).

       -noregen  Use  existing proxy to contact the server and to sing the new

       -separate  file Saves the voms credential on file file.

       -ignorewarn Ignore all warnings. They are not shown to the user.

       -failonwarn Warnings become failures. The program will  translates  all
       warnings into errors and will react accordingly, by returning a failure

       -list Instead of producing an attribute certificate,  this  optin  will
       print on screen a list of all attributes available to the user.

       -includeac  file Adds the VOMS AC in file to the proxy.


       EGEE Bug Tracking Tool:


       voms-proxy-info(1), voms-proxy-destroy(1)

       EDT Auth Home page:


       RPM                                                         repository:


       Vincenzo Ciaschini <>.

       Valerio Venturi <>.


       Copyright  (c)  Members  of  the  EGEE  Collaboration.  2004.  See  the
       beneficiaries list for details on the copyright holders.

       Licensed under the Apache License, Version 2.0 (the "License"); you may
       not use this file except in compliance with the License. You may obtain
       a copy of the License at

       Unless required by applicable law or agreed  to  in  writing,  software
       distributed  under  the  License  is  distributed  on an "AS IS" BASIS,
       WITHOUT WARRANTIES  OR  CONDITIONS  OF  ANY  KIND,  either  express  or
       implied.   See   the   License  for  the  specific  language  governing
       permissions and limitations under the License.


  All copyrights belong to their respective owners. Other content (c) 2014-2018, GNU.WIKI. Please report site errors to
Page load time: 0.355 seconds. Last modified: November 04 2018 12:49:43.