Display information about a proxy certificate
grid-proxy-info [-help] [-usage] [-version] grid-proxy-info [[-subject] | [-s]]
[[-issuer] | [-i]]
[-identity] [-type] [-timeleft] [-strength] [-all] [-text] [-path] [-rfc2253]
[{-exists | -e}
[[-valid HOURS:MINUTES] | [-v HOURS:MINUTES]]
[[-hours HOURS] | [-h HOURS]]
[[-bits BITS] | [-b BITS]]]
The grid-proxy-info program extracts information from an X.509 proxy certificates, and optionally displays or returns an exit code based on that information.
The default mode of operation is to print the following facts about the current user\'s default proxy: subject, issuer, identity, type, strength, path, and time left. If the command-line option -exists or -e is included in the command-line, nothing is printed unless one of the print options is specified. Instead, grid-proxy-info determines if a valid proxy exists and, if so, exits with the exit code 0; if a proxy does not exist or is not valid, grid-proxy-info exits with the exit code 1. Additional validity criteria can be added by using the -valid, -v, -hours, -h, -bits, or -b command-line options. If used, these options must occur after the -e or -exists command-line options. Those options are only valid if one of the -e or -exists command-line options is used.
The complete set of command-line options to grid-proxy-info are:
-help, -usage
Display the command-line options to grid-proxy-info.
-version
Display the version number of the grid-proxy-info command
-debug
Display verbose error messages.
-file PROXYFILE, -f PROXYFILE
Read the proxy located in the file PROXYFILE instead of using the default proxy.
-subject, -s
Display the proxy certificate\'s subject distinguished name.
-issuer, -i
Display the proxy certificate issuer\'s distinguished name.
-identity
Display the proxy certificate\'s identity. For non-independent proxies, the identity is the subject of the certificate which issued the first proxy in the proxy chain.
-type
Display the type of proxy certificate. The type string includes the format ("legacy", "draft", or RFC 3280 compliant), identity type ("impersonation" or "independent"), and policy ("limited" or "full"). See grid-proxy-init(1) for information about how to create different types of proxies.
-timeleft
Display the number of seconds remaining until the proxy certificate expires.
-strength
Display the strength (in bits) of the key associated with the proxy certificate.
-all
Display the default information for the proxy when also using the -e or -exists command-line option.
-text
Display the proxy certificate contents to standard output, including policy information, issuer, public key, and modulus.
-path
Display the path to the file containing the default proxy certificate.
-rfc2253
Display distinguished names for the subject, issuer, and identity using the string representation described in RFC 2253, instead of the legacy format.
-exists, -e
Perform an existence and validity check for the proxy. If a valid proxy exists and matches the criteria described by other command-line options (if any), exit with 0; otherwise, exit with 1. This option must be before other validity check predicate in the command-line options. If this option is specified, the output of the default facts about the proxy is disabled. Use the -all option to have the information displayed as well as the exit code set.
-valid HOURS:MINUTES, -v HOURS:MINUTES, -hours HOURS, -h HOURS
Check that the proxy certificate is valid for at least HOURS hours and MINUTES minutes. If it is not, grid-proxy-info will exit with exit code 1.
-bits BITS, -b BITS
Check that the proxy certificate key strength is at least BITS bits.
The following environment variables affect the execution of grid-proxy-info:
X509_USER_PROXY
Path to the default user proxy.
University of Chicago