Every user
has to acquire two credentials with the command voms-proxy-init: One from the
guidelines and one from his/her real VO's
VOMS server. The existence of _both_ credentials would be checked at the
resource (i.e. LCAS/LCMAPS, edg-java-security
etc.)
Local
Centre Authorisation Service
a
site-local service to ensure that local policies are respected.
/opt/edg/bin/edg-voms-proxy-init:
Options
-help, -usage Displays usage
-version Displays version
-debug Enables extra debug
output
-q Quiet mode, minimal
output
-verify Verifies certificate to make
proxy for
-pwstdin Allows passphrase from
stdin
-limited Creates a limited proxy
-hours H Proxy is valid for H hours
(default:12)
-bits
B Number of bits
in key {512|1024|2048|4096}
-cert
<certfile> Non-standard
location of user certificate
-key
<keyfile> Non-standard
location of user key
-certdir
<certdir> Non-standard
location of trusted cert dir
-out
<proxyfile> Non-standard
location of new proxy cert
-vo <voname> Specifies a particular VO.
-novo Doesn't specify a
particular VO (default).
-voms <voms<:command>> Specify voms server. :command is
optional.
--order <group<:role>> Specify ordering of attributes.
-vomslife <H> Try to get a VOMS pseudocert valid
for H hours.
-include <file> Include the contents of the specified
file.
-conf <file> Read options from
<file>.
-confile <file> Non-standard location of voms server
addresses.
-userconf <file> Non-standard location of user-defined
voms server ad
dresses.
-print Print data instead of
creating certificates.
-globus Globus version.
-noregen Doesn't regenerate a new proxy
for the connection.
-separate <file> Saves the informations returned by the
server on fil
e
<file>.