Software Links
Getting Started
- A Globus Primer
- Globus Is Modular!
- Quickstart
- Installing GT
- Platform Notes
- GT Developer's Guide
- GT User's Guide
- Migrating Guides
Reference
Manuals
Common Runtime
Security
- GSI C
- GSI Java
- Java WS A&A
- C WS A&A (coming soon)
- CAS
- Delegation Service
- MyProxy
- GSI-OpenSSH
- SimpleCA
Data Mgt
WS MDS
Execution Mgt
Name
grid-default-ca — Set the default CA to use for certificate requests
Synopsis
grid-default-ca [-help] [-list] [-ca CA-HASH] [-dir SECURITY-DIRECTORY]
Description
The grid-default-ca program sets the default CA used by grid-cert-request. Based on the default CA choice, grid-cert-request will create a certificate request that matches the CA's naming policies.
If the -ca option is not provided on the command-line,
grid-default-ca will display a list of available
Certificate Authorities and prompt the user to choose one.
The full set of command-line options to grid-default-ca are:
| -help | Display a help message and exit |
| -list | List the available CAs but do not alter the default |
-ca CA-HASH | Select the default CA whose subject name hash
matches CA-HASH.
|
-dir SECURITY-DIRECTORY | Search
SECURITY-DIRECTORY for
additional CA certificates. |
Examples
Show what certificate authorities are in the trusted cert directory:
%grid-default-ca-listThe available CA configurations installed on this host are: Directory: /etc/grid-security/certificates 1) 1c3f2ca8 - /DC=org/DC=DOEGrids/OU=Certificate Authorities/CN=DOEGrids CA 1 2) 3d8e6ce8 - /O=Grid/CN=Example CA 3) 6349a761 - /O=DOE Science Grid/OU=Certificate Authorities/CN=Certificate Manager 4) b38b4d8c - /C=US/O=Globus Alliance/CN=Globus Certificate Service The default CA is: /C=US/O=Globus Alliance/CN=Globus Certificate Service Location: /etc/grid-security/certificates/b38b4d8c.0
Change the default CA to be DOEGrids CA 1:
%grid-default-caThe available CA configurations installed on this host are: Directory: /etc/grid-security/certificates 1) 1c3f2ca8 - /DC=org/DC=DOEGrids/OU=Certificate Authorities/CN=DOEGrids CA 1 2) 3d8e6ce8 - /O=Grid/CN=Example CA 3) 6349a761 - /O=DOE Science Grid/OU=Certificate Authorities/CN=Certificate Manager 4) b38b4d8c - /C=US/O=Globus Alliance/CN=Globus Certificate Service The default CA is: /C=US/O=Globus Alliance/CN=Globus Certificate Service Location: /etc/grid-security/certificates/b38b4d8c.0Enter the index number of the CA to set as the default [q to quit]:1setting the default CA to: /DC=org/DC=DOEGrids/OU=Certificate Authorities/CN=DOEGrids CA 1 linking /etc/grid-security/certificates/grid-security.conf.1c3f2ca8 to /etc/grid-security/grid-security.conf linking /etc/grid-security/certificates/globus-host-ssl.conf.1c3f2ca8 to /etc/grid-security/globus-host-ssl.conf linking /etc/grid-security/certificates/globus-user-ssl.conf.1c3f2ca8 to /etc/grid-security/globus-user-ssl.conf ...done.