grid-default-ca - Select default CA for certificate requests
-help | -h | -usage | -u | -version | -versions
| -list ] [OPTIONS]
program sets the default certificate authority to use
when the grid-cert-request
script is run. The CA’s certificate,
configuration, and signing policy must be installed in the trusted certificate
directory to be able to request certificates from that CA. Note that some CAs
have different policies and use other tools to handle certificate requests.
Please consult your CA’s support staff if you unsure. The
is designed to work with CAs implemented using the
By default, the grid-default-ca
program displays a list of installed CA
certificates and the prompts the user for which one to set as the default. If
invoked with the -list
command-line option, grid-default-ca
print the list and not prompt nor set the default CA. If invoked with the
option, it will not list or prompt, but set the default CA to the
one with the hash that matches the CA-HASH
argument to that option. If
is used to set the default CA, the caller of this
program must have write permissions to the trusted certificate directory.
program sets the CA in the one of the grid security
directories. It looks in the directory named by the GRID_SECURITY_DIR
environment, the X509_CERT_DIR environment, /etc/grid-security and
The full set of command-line options to grid-default-ca
-help, -h, -usage, -u
Display the command-line options to
grid-default-ca and exit.
Display the version number of the
grid-default-ca command. The second form includes more details.
Use the trusted certificate directory named by
CA-DIRECTORY instead of the default.
Instead of changing the default CA, print out
a list of all available CA certificates in the trusted certificate
Set the default CA without displaying the list
of choices or prompting. The CA file named by CA-HASH must exist.
List the contents of the trusted certificate directory that contain the string
% grid-default-ca | grep Example
15) cd1186ff - /DC=org/DC=Example/DC=Grid/CN=Example CA
Choose that CA as the default:
% grid-default-ca -ca cd1186ff
setting the default CA to: /DC=org/DC=Example/DC=Grid/CN=Example CA
linking /etc/grid-security/certificates/grid-security.conf.cd1186ff to
linking /etc/grid-security/certificates/grid-host-ssl.conf.cd1186ff to
linking /etc/grid-security/certificates/grid-user-ssl.conf.cd1186ff to
The following environment variables affect the execution of
:: Path to the default
trusted certificate directory. X509_CERT_DIR
:: Path to the default
trusted certificate directory. GLOBUS_LOCATION
:: Path to the Globus
Toolkit installation directory.
program displays CAs from all of the directories in
its search list; however, grid-cert-request
only uses the first which
contains a grid security configuration.
program may display the same CA multiple times if it
is located in multiple directories in its search path. However, it does not
provide any information about which one would actually be used by the
Copyright © 1999-2014 University of Chicago