Get the Trusted Certificate Directory containing the trusted Certificate Authority certificates. This directory is determined in the order shown below. Failure in one method results in attempting the next.
1.
X509_CERT_DIR environment variable - if this is set, the trusted certificates will be searched for in that directory. This variable allows the end user to specify the location of trusted certificates.
2.
x509_cert_dir registry key - If this registry key is set on windows, the directory it points to should contain the trusted certificates. The path to the registry key is software\Globus\GSI
3.
\<user home directory>\.globus\certificates - If this directory exists, and the previous methods of determining the trusted certs directory failed, this directory will be used.
4.
Host Trusted Cert Dir - This location is intended to be independent of the globus installation ($GLOBUS_LOCATION), and is generally only writeable by the host system administrator.
5.
Globus Install Trusted Cert Dir - this is $GLOBUS_LOCATION\share\certificates.
Parameters:
cert_dir The trusted certificates directory
Returns:
GLOBUS_SUCCESS if no error occurred, and a sufficient trusted certificates directory was found. Otherwise, an error object identifier returned.
Get the Host Certificate and Key Filenames based on the current user's environment. The host cert and key are searched for in the following locations (in order):
1.
X509_USER_CERT and X509_USER_KEY environment variables
2.
registry keys x509_user_cert and x509_user_key in software\Globus\GSI
3.
<GLOBUS_LOCATION>\etc\host[cert|key].pem
4.
<users home directory>\.globus\host[cert|key].pem
Parameters:
host_cert pointer to the host certificate filename
host_key pointer to the host key filename
Returns:
GLOBUS_SUCCESS if the host cert and key were found, otherwise an error object identifier is returned
Get the Service Certificate Filename based on the current user's environment. The host cert and key are searched for in the following locations (in order):
1.
X509_USER_CERT and X509_USER_KEY environment variables
2.
registry keys x509_user_cert and x509_user_key in software\Globus\GSI
3.
GLOBUS_LOCATION\etc\{service_name}\{service_name}[cert|key].pem So for example, if my service was named: myservice, the location of the certificate would be: GLOBUS_LOCATION\etc\myservice\myservicecert.pem
service_name The name of the service which allows us to determine the locations of cert and key files to look for
service_cert pointer to the host certificate filename
service_key pointer to the host key filename
Returns:
GLOBUS_SUCCESS if the service cert and key were found, otherwise an error object identifier
Get the proxy cert filename based on the following search order: .PD 0
1.
X509_USER_PROXY environment variable - This environment variable is set by the at run time for the specific application. If the proxy_file_type variable is set to GLOBUS_PROXY_OUTPUT (a proxy filename for writing is requested), and the X509_USER_PROXY is set, this will be the resulting value of the user_proxy filename string passed in. If the proxy_file_type is set to GLOBUS_PROXY_INPUT and X509_USER_PROXY is set, but the file it points to does not exist, or has some other readability issues, the function will continue checking using the other methods available.
2.
check the registry key: x509_user_proxy. Just as with the environment variable, if the registry key is set, and proxy_file_type is GLOBUS_PROXY_OUTPUT, the string set to be the proxy filename will be this registry key's value. If proxy_file_type is GLOBUS_PROXY_INPUT, and the file doesn't exist, the function will check the next method for the proxy's filename.
3.
Check the default location for the proxy file. The default location should be set to reside in the temp directory on that host, with the filename taking the format: x509_u<user id> where <user id> is some unique string for that user on the host
Parameters:
user_proxy the proxy filename of the user
proxy_file_type Switch for determining whether to return a existing proxy filename or if a filename suitable for creating a proxy should be returned
Gets a list of trusted CA certificate filenames in a trusted CA certificate directory. Parameters:
ca_cert_dir The trusted CA certificate directory to get the filenames from
ca_cert_list The resulting list of CA certificate filenames. This is a a globus list structure.
See also:
globus_fifo_t
Returns:
GLOBUS_SUCCESS if no error occurred, otherwise an error object ID is returned
Get the Signing Policy Filename on the current system, based on the CA's subject name, and the trusted certificates directory. Parameters:
ca_name The X509 subject name of the CA to get the signing policy of. The hash of the CA is generated from this
cert_dir The trusted CA certificates directory, containing the singing_policy files of the trusted CA's.
signing_policy_filename The resulting singing_policy filename
Returns:
GLOBUS_SUCCESS if no error occurred, otherwise an error object ID
Author
Generated automatically by Doxygen for globus gsi sysconfig from the source code.