Difference between revisions of "JGridstart/Dot-globus"
From PDP/Grid Wiki
Jump to navigationJump to searchm (add link) |
m |
||
| Line 5: | Line 5: | ||
* <tt>cog.properties</tt> - security properties used by [http://www-unix.globus.org/toolkit/cog.html Globus CoG], allows customising the others (!) [http://viewcvs.globus.org/viewcvs.cgi/jglobus/src/org/globus/common/CoGProperties.java?root=Java+COG&view=markup CogProperties] /([http://www-unix.globus.org/cog/distribution/1.4/api/org/globus/common/CoGProperties.html JavaDoc]) | * <tt>cog.properties</tt> - security properties used by [http://www-unix.globus.org/toolkit/cog.html Globus CoG], allows customising the others (!) [http://viewcvs.globus.org/viewcvs.cgi/jglobus/src/org/globus/common/CoGProperties.java?root=Java+COG&view=markup CogProperties] /([http://www-unix.globus.org/cog/distribution/1.4/api/org/globus/common/CoGProperties.html JavaDoc]) | ||
* <tt>certificates/</tt> - CA certificates to replace system's location when present (also in CogProperties). This directory contains files named by the hash code of each CA identity (can be obtained by running <tt>openssl x509 -in yourcert.pem -noout -hash</tt> on the CA certificate [http://globus.org/toolkit/docs/2.4/admin/guide-configure.html]) | * <tt>certificates/</tt> - CA certificates to replace system's location when present (also in CogProperties). This directory contains files named by the hash code of each CA identity (can be obtained by running <tt>openssl x509 -in yourcert.pem -noout -hash</tt> on the CA certificate [http://globus.org/toolkit/docs/2.4/admin/guide-configure.html]) | ||
| − | |||
** <tt><hash>.0</tt> - CA certificate | ** <tt><hash>.0</tt> - CA certificate | ||
** <tt><hash>.info</tt> - CA metadata [http://lists.canarie.ca/pipermail/tagpma-general/2007-July/001848.html] | ** <tt><hash>.info</tt> - CA metadata [http://lists.canarie.ca/pipermail/tagpma-general/2007-July/001848.html] | ||
Revision as of 10:37, 20 May 2009
Globus has a convention for storing and retrieving the user's key and certificate. On unix and related systems, this is a directory ~/.globus . This page discusses the files that can be present.
- userkey.pem - the user's private key in PEM format
- usercert.pem - the user's public certificate in PEM format
- cog.properties - security properties used by Globus CoG, allows customising the others (!) CogProperties /(JavaDoc)
- certificates/ - CA certificates to replace system's location when present (also in CogProperties). This directory contains files named by the hash code of each CA identity (can be obtained by running openssl x509 -in yourcert.pem -noout -hash on the CA certificate [1])
- <hash>.0 - CA certificate
- <hash>.info - CA metadata [2]
- <hash>.namespaces - signing policy namespace [3]
- <hash>.signing_policy - GSI signing policy. The CA signing policy is used to place constraints on the information you trust a given CA to bind to public keys. Specifically it constrains the identities a CA is trusted to assert in a certificate.
- <hash>.crl_url - URL of the corresponding certificate revocation list
- <hash>.r0 - copy of the certificate revocation list
Location of ~/.globus
Unix and related: ~/.globus Windows: c:\Documents and Settings\[your username]\.globus
