'\" t .\" Title: grid-default-ca .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets vsnapshot .\" Date: 03/31/2018 .\" Manual: Grid Community Toolkit Manual .\" Source: Grid Community Toolkit 6 .\" Language: English .\" .TH "GRID\-DEFAULT\-CA" "8" "03/31/2018" "Grid Community Toolkit 6" "Grid Community Toolkit Manual" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- .\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ .\" http://bugs.debian.org/507673 .\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html .\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ .ie \n(.g .ds Aq \(aq .el .ds Aq ' .\" ----------------------------------------------------------------- .\" * set default formatting .\" ----------------------------------------------------------------- .\" disable hyphenation .nh .\" disable justification (adjust text to left margin only) .ad l .\" ----------------------------------------------------------------- .\" * MAIN CONTENT STARTS HERE * .\" ----------------------------------------------------------------- .SH "NAME" grid-default-ca \- Select default CA for certificate requests .SH "SYNOPSIS" .sp \fBgrid\-default\-ca\fR \-help | \-h | \-usage | \-u | \-version | \-versions .sp \fBgrid\-default\-ca\fR [\-ca \fICA\-HASH\fR | \-list ] [OPTIONS] .SH "DESCRIPTION" .sp The \fBgrid\-default\-ca\fR program sets the default certificate authority to use when the \fBgrid\-cert\-request\fR script is run\&. The CA\(cqs certificate, configuration, and signing policy must be installed in the trusted certificate directory to be able to request certificates from that CA\&. Note that some CAs have different policies and use other tools to handle certificate requests\&. Please consult your CA\(cqs support staff if you unsure\&. The \fBgrid\-default\-ca\fR is designed to work with CAs implemented using the \fBglobus_simple_ca\fR package\&. .sp By default, the \fBgrid\-default\-ca\fR program displays a list of installed CA certificates and the prompts the user for which one to set as the default\&. If invoked with the \fI\-list\fR command\-line option, \fBgrid\-default\-ca\fR will print the list and not prompt nor set the default CA\&. If invoked with the \fI\-ca\fR option, it will not list or prompt, but set the default CA to the one with the hash that matches the \fICA\-HASH\fR argument to that option\&. If \fBgrid\-default\-ca\fR is used to set the default CA, the caller of this program must have write permissions to the trusted certificate directory\&. .sp The \fBgrid\-default\-ca\fR program sets the CA in the one of the grid security directories\&. It looks in the directory named by the GRID_SECURITY_DIR environment, the X509_CERT_DIR environment, /etc/grid\-security and $GLOBUS_LOCATION/share/certificates\&. .SH "OPTIONS" .sp The full set of command\-line options to \fBgrid\-default\-ca\fR are: .PP \fB\-help, \-h, \-usage, \-u\fR .RS 4 Display the command\-line options to \fBgrid\-default\-ca\fR and exit\&. .RE .PP \fB\-version, \-versions\fR .RS 4 Display the version number of the \fBgrid\-default\-ca\fR command\&. The second form includes more details\&. .RE .PP \fB\-dir \fR\fB\fICA\-DIRECTORY\fR\fR .RS 4 Use the trusted certificate directory named by \fICA\-DIRECTORY\fR instead of the default\&. .RE .PP \fB\-list\fR .RS 4 Instead of changing the default CA, print out a list of all available CA certificates in the trusted certificate directory\&. .RE .PP \fB\-ca \fR\fB\fICA\-HASH\fR\fR .RS 4 Set the default CA without displaying the list of choices or prompting\&. The CA file named by \fICA\-HASH\fR must exist\&. .RE .SH "EXAMPLES" .sp List the contents of the trusted certificate directory that contain the string Example: .sp .if n \{\ .RS 4 .\} .nf % grid\-default\-ca | grep Example 15) cd1186ff \- /DC=org/DC=Example/DC=Grid/CN=Example CA .fi .if n \{\ .RE .\} .sp Choose that CA as the default: .sp .if n \{\ .RS 4 .\} .nf % grid\-default\-ca \-ca cd1186ff setting the default CA to: /DC=org/DC=Example/DC=Grid/CN=Example CA linking /etc/grid\-security/certificates/grid\-security\&.conf\&.cd1186ff to /etc/grid\-security/certificates/grid\-security\&.conf linking /etc/grid\-security/certificates/grid\-host\-ssl\&.conf\&.cd1186ff to /etc/grid\-security/certificates/grid\-host\-ssl\&.conf linking /etc/grid\-security/certificates/grid\-user\-ssl\&.conf\&.cd1186ff to /etc/grid\-security/certificates/grid\-user\-ssl\&.conf \&.\&.\&.done\&. .fi .if n \{\ .RE .\} .SH "ENVIRONMENT" .sp The following environment variables affect the execution of \fBgrid\-default\-ca\fR: \fBGRID_SECURITY_DIRECTORY\fR:: Path to the default trusted certificate directory\&. \fBX509_CERT_DIR\fR:: Path to the default trusted certificate directory\&. \fBGLOBUS_LOCATION\fR:: Path to the Grid Community Toolkit installation directory\&. .SH "BUGS" .sp The \fBgrid\-default\-ca\fR program displays CAs from all of the directories in its search list; however, \fBgrid\-cert\-request\fR only uses the first which contains a grid security configuration\&. .sp The \fBgrid\-default\-ca\fR program may display the same CA multiple times if it is located in multiple directories in its search path\&. However, it does not provide any information about which one would actually be used by the \fBgrid\-cert\-request\fR command\&. .SH "SEE ALSO" .sp grid\-cert\-request(1) .SH "AUTHOR" .sp Copyright \(co 1999\-2014 University of Chicago