'\" t
.\"     Title: voms-proxy-init
.\"    Author: [see the "Authors" section]
.\" Generator: DocBook XSL Stylesheets vsnapshot <http://docbook.sf.net/>
.\"      Date: 05/03/2021
.\"    Manual: VOMS Client
.\"    Source: VOMS Client
.\"  Language: English
.\"
.TH "VOMS\-PROXY\-INIT" "1" "05/03/2021" "VOMS Client" "VOMS Client"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.\" http://bugs.debian.org/507673
.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html
.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.ie \n(.g .ds Aq \(aq
.el       .ds Aq '
.\" -----------------------------------------------------------------
.\" * set default formatting
.\" -----------------------------------------------------------------
.\" disable hyphenation
.nh
.\" disable justification (adjust text to left margin only)
.ad l
.\" -----------------------------------------------------------------
.\" * MAIN CONTENT STARTS HERE *
.\" -----------------------------------------------------------------
.SH "NAME"
voms-proxy-init \- create a proxy with VOMS extensions
.SH "SYNOPSIS"
.HP \w'\fBvoms\-proxy\-init\fR\ 'u
\fBvoms\-proxy\-init\fR [options]
.SH "DESCRIPTION"
.PP
The voms\-proxy\-init generates a proxy with the VOMS information included in a non critical extension\&.
.SH "OPTIONS"
.PP
Options may be specified indifferently with either a "\-" or "\-\-" prefix\&. The options from \-help to \-out are present for compatibility with grid\-proxy\-init, and have the exact same meaning\&. The meaning of the other ones is the following\&.
.PP
\fB\-help\fR
.PP
\fB\-usage\fR
Displays usage
.PP
\fB\-version\fR
.PP
Displays version
.PP
\fB\-debug\fR
Enables extra debug output
.PP
\fB\-quiet\fR
.PP
\fB\-q\fR
Quiet mode, minimal output
.PP
\fB\-verify\fR
Verifies proxy
.PP
\fB\-pwstdin\fR
Allows passphrase from stdin
.PP
\fB\-limited\fR
Creates a limited proxy
.PP
\fB\-hours\fR
\fIH\fR
Proxy is valid for
\fIH\fR
hours (default:12) This option is deprecated and is only present for compatibility with grid\-proxy\-init, since this option does not set the validity of the credentials returned by VOMS\&. Use \-valid instead\&.
.PP
\fB\-vomslife\fR
\fIH\fR
Tries to get a pseudo cert with information valid for
\fIH\fR
hours\&. The default is "as long as the proxy certificate"\&. The special value
0
means as long as the server will allow\&. This option is deprecated, since it does not set the validity of the generated proxy\&. Use \-valid instead\&.
.PP
\fB\-valid\fR
\fIHH:MM\fR
This option attempts to set the validity for both the proxy and the credentials returned by the VOMS server\&. The latter validity may however be shortened due to server policy\&. This option obsoletes both \-hours and \-vomslife, and should be used in preference to both
.PP
\fB\-bits\fR
\fIB\fR
Number of bits in key {0|512|1024|2048|4096}\&. 0 is a special value which means: same number of bits as in the issuing certificate\&.
.PP
\fB\-cert\fR
\fIcertfile\fR
Non\-standard location of user certificate
.PP
\fB\-key\fR
\fIkeyfile\fR
Non\-standard location of user key
.PP
\fB\-certdir\fR
\fIcertdir\fR
Non standard location where the trusted CAs certificates are kept\&.
.PP
\fB\-out\fR
\fIproxyfile\fR
Location of new proxy cert
.PP
\fB\-voms\fR
\fIvoms[:command]\fR
Specifies the VOMS server to contact using the nickname
\fIvoms\fR\&. It also allows one to send a specific command to the server\&. The default command is
\fB:all\fR, and it gets all group membership information\&. Other commands are
\fB:/Role=rolename\fR
which grants the
\fBrolename\fR
VO\-wide role if the server allows it, and
\fB:/group/Role=rolename\fR
which grants the role
\fBrolename\fR
only in the group
\fB/group\fR, again only if the server allows it\&.
.PP
Example : voms\-proxy\-init \-\-voms myVO:/myVO/Role=VO\-Admin
.PP
\fB\-order\fR
\fIfqan\fR
Specified fqans, if present, are put on top of the list of attributes returned by the server in the order in which they are passed (using more \-order call)\&. The order of the others is not specified\&. If some of the fqans are not returned no warning is given\&. Capability selection is not supported\&.
.PP
\fB\-include\fR
\fIfile\fR
Includes
\fIfile\fR
in the certificate (in a non critical extension)
.PP
\fB\-conf\fR
\fIfile\fR
Read options from
\fIfile\fR\&.
.PP
\fB\-confile\fR
\fIfile\fR
.PP
\fB\-userconf\fR
\fIfile\fR
.PP
\fB\-vomses\fR
\fIfile\fR
Specifies the name of a configuration file from which a list of nicknames is read\&. The format of the file is the following:
\fInick\fR
\fIhost\fR
\fIport\fR
\fIsubject\fR
\fIvo\fR
where nick is the nickname, host and port are the hostname and port of the server to contact, subject is the subject of the server\*(Aqs certificate, while vo is the name of the VO that owns the server\&. The default filenames are $PREFIX/etc/vomses and $HOME/\&.voms/vomses\&.
.PP
Moreover, permissions must be 644 if a file is specified, and 755 if a directory is specified
.PP
The three options are synonyms\&. \-confile and \-userconf are deprecated\&. \-vomses should be used instead\&.
.PP
\fB\-policy\fR
The file containing the policy expression\&.
.PP
\fB\-policy\-language\fR\fI pl\fR
.PP
\fB\-pl\fR\fI pl\fR
The language in which the policy is expressed\&. Default is IMPERSONATION_PROXY\&.
.PP
\fB\-path\-length\fR
Maximum depth of proxy certfificate that can be signed from this\&.
.PP
\fB\-globus\fR
\fIversion\fR
This option is obsolete and only present for backwards compatibility with old installations\&. Currently, its value is ignored\&.
.PP
\fB\-proxyver\fR
Version of the proxy certificate to create\&. May be 2, 3 or 4\&. Default value is decided upon underlying globus version\&.
.PP
\fB\-rfc\fR
This option is a synonym of
\fB\-proxyver 4\fR
and it generates a RFC\-compliant proxy\&.
.PP
\fB\-old\fR
This option is a synonym of
\fB\-proxyver 2\fR
and it generates a legacy proxy\&.
.PP
\fB\-target\fR
\fIhostname\fR
This option targets the generated AC to a specific host\&. This option may be specified multiple times to allow for multiple hosts\&.
.PP
\fB\-timeout\fR
\fIseconds\fR
This option allows one to specify the maximum number of seconds that voms\-proxy\-init will wait while trying to establish a connection with the server\&. Its default value is \-1 (unlimited)\&.
.PP
\fB\-noregen\fR
Use existing proxy to contact the server and to sing the new proxy\&.
.PP
\fB\-separate\fR
\fIfile\fR
Saves the voms credential on file
\fIfile\fR\&.
.PP
\fB\-ignorewarn\fR
Ignore all warnings\&. They are not shown to the user\&.
.PP
\fB\-failonwarn\fR
Warnings become failures\&. The program will translates all warnings into errors and will react accordingly, by returning a failure itself\&.
.PP
\fB\-list\fR
Instead of producing an attribute certificate, this optin will print on screen a list of all attributes available to the user\&.
.PP
\fB\-includeac\fR
\fIfile\fR
Adds the VOMS AC in
\fIfile\fR
to the proxy\&.
.SH "BUGS"
.PP
\m[blue]\fBEGEE Bug Tracking Tool\fR\m[]\&\s-2\u[1]\d\s+2
.SH "SEE ALSO"
.PP
voms\-proxy\-info(1), voms\-proxy\-destroy(1)
.PP
\m[blue]\fBEDT Auth Home page\fR\m[]\&\s-2\u[2]\d\s+2
.PP
\m[blue]\fBCVSweb\fR\m[]\&\s-2\u[3]\d\s+2
.PP
\m[blue]\fBRPM repository\fR\m[]\&\s-2\u[4]\d\s+2
.SH "AUTHORS"
.PP
Vincenzo Ciaschini
<Vincenzo\&.Ciaschini@cnaf\&.infn\&.it>\&.
.PP
Valerio Venturi
<Valerio\&.Venturi@cnaf\&.infn\&.it>\&.
.SH "COPYRIGHT"
.PP
Copyright (c) Members of the EGEE Collaboration\&. 2004\&. See the beneficiaries list for details on the copyright holders\&.
.PP
Licensed under the Apache License, Version 2\&.0 (the "License"); you may not use this file except in compliance with the License\&. You may obtain a copy of the License at
.PP
\m[blue]\fBwww\&.apache\&.org/licenses/LICENSE\-2\&.0\fR\m[]\&\s-2\u[5]\d\s+2
.PP
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied\&. See the License for the specific language governing permissions and limitations under the License\&.
.SH "NOTES"
.IP " 1." 4
EGEE Bug Tracking Tool
.RS 4
\%https://savannah.cern.ch/projects/jra1mdw/
.RE
.IP " 2." 4
EDT Auth Home page
.RS 4
\%http://grid-auth.infn.it
.RE
.IP " 3." 4
CVSweb
.RS 4
\%http://datagrid.in2p3.fr/cgi-bin/cvsweb.cgi/Auth/voms
.RE
.IP " 4." 4
RPM repository
.RS 4
\%http://datagrid.in2p3.fr/distribution/autobuild/i386-rh7.3
.RE
.IP " 5." 4
www.apache.org/licenses/LICENSE-2.0
.RS 4
\%http://www.apache.org/licenses/LICENSE-2.0
.RE