Options may be specified indifferently with either a "-" or "--" prefix. The options from -help to -out
are present for compatibility with grid-proxy-init, and have the exact same meaning. The meaning of the
other ones is the following.
-help-usage Displays usage
-version
Displays version
-debug Enables extra debug output
-quiet-q Quiet mode, minimal output
-verify Verifies proxy
-pwstdin Allows passphrase from stdin
-limited Creates a limited proxy
-hoursH Proxy is valid for H hours (default:12) This option is deprecated and is only present for
compatibility with grid-proxy-init, since this option does not set the validity of the credentials
returned by VOMS. Use -valid instead.
-vomslifeH Tries to get a pseudo cert with information valid for H hours. The default is "as long as the
proxy certificate". The special value 0 means as long as the server will allow. This option is
deprecated, since it does not set the validity of the generated proxy. Use -valid instead.
-validHH:MM This option attempts to set the validity for both the proxy and the credentials returned by
the VOMS server. The latter validity may however be shortened due to server policy. This option obsoletes
both -hours and -vomslife, and should be used in preference to both
-bitsB Number of bits in key {0|512|1024|2048|4096}. 0 is a special value which means: same number of
bits as in the issuing certificate.
-certcertfile Non-standard location of user certificate
-keykeyfile Non-standard location of user key
-certdircertdir Non standard location where the trusted CAs certificates are kept.
-outproxyfile Location of new proxy cert
-vomsvoms[:command] Specifies the VOMS server to contact using the nickname voms. It also allows one to
send a specific command to the server. The default command is :all, and it gets all group membership
information. Other commands are :/Role=rolename which grants the rolename VO-wide role if the server
allows it, and :/group/Role=rolename which grants the role rolename only in the group /group, again only
if the server allows it.
Example : voms-proxy-init --voms myVO:/myVO/Role=VO-Admin
-orderfqan Specified fqans, if present, are put on top of the list of attributes returned by the server
in the order in which they are passed (using more -order call). The order of the others is not specified.
If some of the fqans are not returned no warning is given. Capability selection is not supported.
-includefile Includes file in the certificate (in a non critical extension)
-conffile Read options from file.
-confilefile-userconffile-vomsesfile Specifies the name of a configuration file from which a list of nicknames is read. The
format of the file is the following: nickhostportsubjectvo where nick is the nickname, host and port
are the hostname and port of the server to contact, subject is the subject of the server's certificate,
while vo is the name of the VO that owns the server. The default filenames are $PREFIX/etc/vomses and
$HOME/.voms/vomses.
Moreover, permissions must be 644 if a file is specified, and 755 if a directory is specified
The three options are synonyms. -confile and -userconf are deprecated. -vomses should be used instead.
-policy The file containing the policy expression.
-policy-languagepl-plpl The language in which the policy is expressed. Default is IMPERSONATION_PROXY.
-path-length Maximum depth of proxy certfificate that can be signed from this.
-globusversion This option is obsolete and only present for backwards compatibility with old
installations. Currently, its value is ignored.
-proxyver Version of the proxy certificate to create. May be 2, 3 or 4. Default value is decided upon
underlying globus version.
-rfc This option is a synonym of -proxyver4 and it generates a RFC-compliant proxy.
-old This option is a synonym of -proxyver2 and it generates a legacy proxy.
-targethostname This option targets the generated AC to a specific host. This option may be specified
multiple times to allow for multiple hosts.
-timeoutseconds This option allows one to specify the maximum number of seconds that voms-proxy-init
will wait while trying to establish a connection with the server. Its default value is -1 (unlimited).
-noregen Use existing proxy to contact the server and to sing the new proxy.
-separatefile Saves the voms credential on file file.
-ignorewarn Ignore all warnings. They are not shown to the user.
-failonwarn Warnings become failures. The program will translates all warnings into errors and will react
accordingly, by returning a failure itself.
-list Instead of producing an attribute certificate, this optin will print on screen a list of all
attributes available to the user.
-includeacfile Adds the VOMS AC in file to the proxy.
Install Now
PNG Icons
