The grid-cert-info displays information from a user's credential, or from any X.509 certificate if the -file CERTIFICATE-FILENAME is used. By default, a text representation of the entire certificate is displayed. If more than one display option is present on the command line, the output is generated in the order the options occur on the command line.

The following search order is used to locate the default certificate:

$X509_USER_CERT
$HOME/.globus/usercert.pem
$HOME/.globus/usercred.p12

If the certificate is encoded in pkcs12, grid-cert-info will prompt for the password used to protect the .p12 file.

The full set of command-line options to grid-cert-info is:

`-help`	Print help information and exit
`-version`	Print version information and exit
`-file CERTIFICATE-FILENAME`	Read credential from `CERTIFICATE-FILENAME` instead of the default location. The file must have a `.pem` or `.p12` extension.
`-all`	Print all information from the certificate. This is the default unless any of the following options are given.
`-subject`	Print the subject name of the certificate.
`-issuer`	Print the subject name of the issuer of the certificate. This is the subject name of the Certificate Authority which signed the certificate.
`-issuerhash`	Print the hash of the name of the issuer of the certificate. This is the hash of the Certificate Authority which signed the certificate.
`-startdate`	Print the date and time from which the certificate is valid
`-enddate`	Print the date and time when the certificate expires.

Examples

Print out the date range when a certificate is valid:

% grid-cert-info -startdate -enddate

Oct 29 13:09:42 2007 GMT
Oct 28 13:09:42 2008 GMT

Note that in this example, the start date is printed first, based on the order of the command-line options.

Limitations

The -issuerhash fails with some versions of OpenSSL.

Prev	Up	Next
grid-cert-diagnostics	Home	grid-cert-request