1VOMSDIR(5)                                                          VOMSDIR(5)
2
3
4

NAME

6       vomsdir - The structure of the vomsdir VOMS server trust anchor
7       directory
8

SYNOPSIS

10       /etc/grid-security/vomsdir
11

DESCRIPTION

13       This manual page describes the structure of the vomsdir VOMS server
14       trust anchor directory. The function of this directory is to keep local
15       information about trusted VOMS servers which is used to verify the
16       signatures on the attributes issued by VOMS servers.
17
18       The vomsdir directory is structured as follows:
19
20           <vomsdir>
21              |
22              |--vo1
23              |
24              |--vo2
25              |
26              |--vo3
27              |
28
29       A subdirectory is created for each of the trusted VOs. Inside each VO
30       directory two types of files can be found:
31
32       ·    LSC files An LSC file contains a description of the certificate
33           chain of the certificate used by a VOMS server to sign VOMS
34           attributes.
35
36       ·    X509 certificates The certificate used by a VOMS server to sign
37           attributes.
38
39       These files are commonly named using the following pattern:
40
41           <hostname>.lsc
42           <hostname>.pem
43
44       Where hostname is the host where the VOMS server is running.
45
46       When both lsc and pem files are present for a given VO and hostname,
47       the lsc file takes precedence.
48
49   LSC file syntax
50       The LSC file contains a list of X.509 subject strings, one on each
51       line, encoded in OpenSSL slash-separated syntax, describing the
52       certificate chain (up and including the CA that issued the
53       certificate). For instance, the voms.cnaf.infn.it VOMS server has the
54       following LSC file:
55
56           /C=IT/O=INFN/OU=Host/L=CNAF/CN=voms.cnaf.infn.it
57           /C=IT/O=INFN/CN=INFN CA
58

EXAMPLES

60       Assuming locally two VOs are trusted, the cms VO and the cdf VO, the
61       /etc/grid-security/vomsdir directory will be structured as follows:
62
63           /etc/grid-security/vomsdir
64           /etc/grid-security/vomsdir/cms
65           /etc/grid-security/vomsdir/cdf
66
67       The /etc/grid-security/vomsdir/cms directory will contain the following
68       files:
69
70           lcg-voms.cern.ch.lsc
71           voms.cern.ch.lsc
72
73       The /etc/grid-security/vomsdir/cdf directory will contain the following
74       files:
75
76           voms-01.pd.infn.it.lsc
77           voms.cnaf.infn.it.lsc
78           voms.fnal.gov.lsc
79
80       The LSC files will contain descriptions of the certificate chains used
81       by VOMS servers to sign attribute certificates.
82

BUGS

84       To report bugs or ask for support, use GGUS:
85       https://ggus.eu/pages/home.php
86

AUTHORS

88       Andrea Ceccanti <andrea.ceccanti@cnaf.infn.it>
89
90       Daniele Andreotti <daniele.andreotti@cnaf.infn.it>
91
92       Valerio Venturi <valerio.venturi@cnaf.infn.it>
93

SEE ALSO

95       voms-proxy-destroy(1), voms-proxy-info(1), voms-lsc(5)
96

COPYING

98       Copyright 2012 Istituto Nazionale di Fisica Nucleare
99
100       Licensed under the Apache License, Version 2.0 (the "License"); you may
101       not use this file except in compliance with the License. You may obtain
102       a copy of the License at
103
104           http://www.apache.org/licenses/LICENSE-2.0
105
106       Unless required by applicable law or agreed to in writing, software
107       distributed under the License is distributed on an "AS IS" BASIS,
108       WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
109       implied. See the License for the specific language governing
110       permissions and limitations under the License.
111
112
113
114                                  11/20/2012                        VOMSDIR(5)
Impressum