Difference between revisions of "JGridstart/Dot-globus"

From PDP/Grid Wiki
Jump to navigationJump to search
m
(add template)
 
(3 intermediate revisions by the same user not shown)
Line 1: Line 1:
[http://www.globus.org/ Globus] has a convention for storing and retrieving the user's key and certificate. On unix and related systems, this is a directory ~/.globus . This page discusses the files that can be present.
+
{{JGridstart}}[http://www.globus.org/ Globus] has a convention for storing and retrieving the user's key and certificate. On unix and related systems, this is a directory ~/.globus . This page discusses the files that can be present.
  
 
* <tt>userkey.pem</tt> - the user's private key in PEM format
 
* <tt>userkey.pem</tt> - the user's private key in PEM format
Line 14: Line 14:
 
[http://www.arcs.org.au/products-services/authorisation-services/grix Grix] additionally uses the following files:
 
[http://www.arcs.org.au/products-services/authorisation-services/grix Grix] additionally uses the following files:
 
* <tt>usercert_request.pem</tt> - the original certificate signing request for the certificate
 
* <tt>usercert_request.pem</tt> - the original certificate signing request for the certificate
* <tt>usercert.p12</tt> -  
+
* <tt>usercert.p12</tt> - PKCS#12 file containing key and certificate
 
* <tt>(userkey|usercert_request|usercert).pem.new</tt> - key/csr/cert for pending renewal
 
* <tt>(userkey|usercert_request|usercert).pem.new</tt> - key/csr/cert for pending renewal
  
Line 21: Line 21:
 
* <tt>desktop.properties</tt> - settings (Java properties file)
 
* <tt>desktop.properties</tt> - settings (Java properties file)
  
Additional files:
+
[http://jgridstart.nikhef.nl/ jGridstart] and/or the [https://ca.dutchgrid.nl/ DutchGrid CA] use the following in their scripts
* <tt>userrequest.pem</tt> - certificate signing request used by some
+
* <tt>userrequest.pem</tt> - the original certificate signing request for the certificate
 +
* <tt>userinfo.properties</tt> - jGridstart settings (Java properties file)
  
 
==Location of <tt>~/.globus</tt>==
 
==Location of <tt>~/.globus</tt>==

Latest revision as of 12:39, 29 March 2012

<sidebar>

  • jGridstart
    • JGridstart|Home
    • JGridstart/Help|Help
    • JGridstart/Support|Support
  • jGridstart for ...
    • JGridstart/Certificate_Authorities|Certificate Authorities
    • JGridstart/Developers|Developers

</sidebar>Globus has a convention for storing and retrieving the user's key and certificate. On unix and related systems, this is a directory ~/.globus . This page discusses the files that can be present.

  • userkey.pem - the user's private key in PEM format
  • usercert.pem - the user's public certificate in PEM format
  • cog.properties - security properties used by Globus CoG, allows customising the others (!) CogProperties /(JavaDoc)
  • certificates/ - CA certificates to replace system's location when present (also in CogProperties). This directory contains files named by the hash code of each CA identity (can be obtained by running openssl x509 -in yourcert.pem -noout -hash on the CA certificate [1])
    • <hash>.0 - CA certificate
    • <hash>.info - CA metadata [2]
    • <hash>.namespaces - signing policy namespace [3]
    • <hash>.signing_policy - GSI signing policy. The CA signing policy is used to place constraints on the information you trust a given CA to bind to public keys. Specifically it constrains the identities a CA is trusted to assert in a certificate.
    • <hash>.crl_url - URL of the corresponding certificate revocation list
    • <hash>.r0 - copy of the certificate revocation list

Grix additionally uses the following files:

  • usercert_request.pem - the original certificate signing request for the certificate
  • usercert.p12 - PKCS#12 file containing key and certificate
  • (userkey|usercert_request|usercert).pem.new - key/csr/cert for pending renewal

The Java CoG Kit Desktop additionally has the following files:

  • cogreq.txt - CoG registration information
  • desktop.properties - settings (Java properties file)

jGridstart and/or the DutchGrid CA use the following in their scripts

  • userrequest.pem - the original certificate signing request for the certificate
  • userinfo.properties - jGridstart settings (Java properties file)

Location of ~/.globus

Unix and related: ~/.globus Windows: c:\Documents and Settings\[your username]\.globus

Links