1VOMS-PROXY-INIT(1)                VOMS Client               VOMS-PROXY-INIT(1)
2
3
4

NAME

6       voms-proxy-init - create a proxy with VOMS extensions
7

SYNOPSIS

9       voms-proxy-init [options]
10

DESCRIPTION

12       The voms-proxy-init generates a proxy with the VOMS information
13       included in a non critical extension.
14

OPTIONS

16       Options may be specified indifferently with either a "-" or "--"
17       prefix. The options from -help to -out are present for compatibility
18       with grid-proxy-init, and have the exact same meaning. The meaning of
19       the other ones is the following.
20
21       -help
22
23       -usage Displays usage
24
25       -version
26
27       Displays version
28
29       -debug Enables extra debug output
30
31       -quiet
32
33       -q Quiet mode, minimal output
34
35       -verify Verifies proxy
36
37       -pwstdin Allows passphrase from stdin
38
39       -limited Creates a limited proxy
40
41       -hours H Proxy is valid for H hours (default:12) This option is
42       deprecated and is only present for compatibility with grid-proxy-init,
43       since this option does not set the validity of the credentials returned
44       by VOMS. Use -valid instead.
45
46       -vomslife H Tries to get a pseudo cert with information valid for H
47       hours. The default is "as long as the proxy certificate". The special
48       value 0 means as long as the server will allow. This option is
49       deprecated, since it does not set the validity of the generated proxy.
50       Use -valid instead.
51
52       -valid HH:MM This option attempts to set the validity for both the
53       proxy and the credentials returned by the VOMS server. The latter
54       validity may however be shortened due to server policy. This option
55       obsoletes both -hours and -vomslife, and should be used in preference
56       to both
57
58       -bits B Number of bits in key {0|512|1024|2048|4096}. 0 is a special
59       value which means: same number of bits as in the issuing certificate.
60
61       -cert certfile Non-standard location of user certificate
62
63       -key keyfile Non-standard location of user key
64
65       -certdir certdir Non standard location where the trusted CAs
66       certificates are kept.
67
68       -out proxyfile Location of new proxy cert
69
70       -voms voms[:command] Specifies the VOMS server to contact using the
71       nickname voms. It also allows to send a specific command to the server.
72       The default command is :all, and it gets all group membership
73       information. Other commands are :/Role=rolename which grants the
74       rolename VO-wide role if the server allows it, and
75       :/group/Role=rolename which grants the role rolename only in the group
76       /group, again only if the server allows it.
77
78       Example : voms-proxy-init --voms myVO:/myVO/Role=VO-Admin
79
80       -order fqan Specified fqans, if present, are put on top of the list of
81       attributes returned by the server in the order in which they are passed
82       (using more -order call). The order of the others is not specified. If
83       some of the fqans are not returned no warning is given. Capability
84       selection is not supported.
85
86       -include file Includes file in the certificate (in a non critical
87       extension)
88
89       -conf file Read options from file.
90
91       -confile file
92
93       -userconf file
94
95       -vomses file Specifies the name of a configuration file from which a
96       list of nicknames is read. The format of the file is the following:
97       nick host port subject vo where nick is the nickname, host and port are
98       the hostname and port of the server to contact, subject is the subject
99       of the server's certificate, while vo is the name of the VO that owns
100       the server. The default filenames are $PREFIX/etc/vomses and
101       $HOME/.voms/vomses.
102
103       Moreover, permissions must be 644 if a file is specified, and 755 if a
104       directory is specified
105
106       The three options are synonyms. -confile and -userconf are deprecated.
107       -vomses should be used instead.
108
109       -policy The file containing the policy expression.
110
111       -policy-language pl
112
113       -pl pl The language in which the policy is expressed. Default is
114       IMPERSONATION_PROXY.
115
116       -path-length Maximum depth of proxy certfificate that can be signed
117       from this.
118
119       -globus version This option is obsolete and only present for backwards
120       compatibility with old installations. Currently, its value is ignored.
121
122       -proxyver Version of the proxy certificate to create. May be 2, 3 or 4.
123       Default value is decided upon underlying globus version.
124
125       -rfc This option is a synonym of -proxyver 4 and it generates a
126       RFC-compliant proxy.
127
128       -old This option is a synonym of -proxyver 2 and it generates a legacy
129       proxy.
130
131       -target hostname This option targets the generated AC to a specific
132       host. This option may be specified multiple times to allow for multiple
133       hosts.
134
135       -timeout seconds This option allows to specify the maximum number of
136       seconds that voms-proxy-init will wait while trying to establish a
137       connection with the server. Its default value is -1 (unlimited).
138
139       -noregen Use existing proxy to contact the server and to sing the new
140       proxy.
141
142       -separate file Saves the voms credential on file file.
143
144       -ignorewarn Ignore all warnings. They are not shown to the user.
145
146       -failonwarn Warnings become failures. The program will translates all
147       warnings into errors and will react accordingly, by returning a failure
148       itself.
149
150       -list Instead of producing an attribute certificate, this optin will
151       print on screen a list of all attributes available to the user.
152
153       -includeac file Adds the VOMS AC in file to the proxy.
154

BUGS

156       EGEE Bug Tracking Tool[1]
157

SEE ALSO

159       voms-proxy-info(1), voms-proxy-destroy(1)
160
161       EDT Auth Home page[2]
162
163       CVSweb[3]
164
165       RPM repository[4]
166

AUTHORS

168       Vincenzo Ciaschini <Vincenzo.Ciaschini@cnaf.infn.it>.
169
170       Valerio Venturi <Valerio.Venturi@cnaf.infn.it>.
171

COPYRIGHT

173       Copyright (c) Members of the EGEE Collaboration. 2004. See the
174       beneficiaries list for details on the copyright holders.
175
176       Licensed under the Apache License, Version 2.0 (the "License"); you may
177       not use this file except in compliance with the License. You may obtain
178       a copy of the License at
179
180       www.apache.org/licenses/LICENSE-2.0[5]
181
182       Unless required by applicable law or agreed to in writing, software
183       distributed under the License is distributed on an "AS IS" BASIS,
184       WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
185       implied. See the License for the specific language governing
186       permissions and limitations under the License.
187

NOTES

189        1. EGEE Bug Tracking Tool
190           https://savannah.cern.ch/projects/jra1mdw/
191
192        2. EDT Auth Home page
193           http://grid-auth.infn.it
194
195        3. CVSweb
196           http://datagrid.in2p3.fr/cgi-bin/cvsweb.cgi/Auth/voms
197
198        4. RPM repository
199           http://datagrid.in2p3.fr/distribution/autobuild/i386-rh7.3
200
201        5. www.apache.org/licenses/LICENSE-2.0
202           http://www.apache.org/licenses/LICENSE-2.0
203
204
205
206VOMS Client                       05/03/2021                VOMS-PROXY-INIT(1)