xrdgsitest - test crypto functionality relevant for the GSI implementation
xrdgsitest [-h, --help] [-v, --verbose]
The xrdgsitest utility runs a few tests of the crypto functionality
implemented in XrdCrypto relevant for the XrdSecgsi module, i.e. handling of
certificates, proxies, chains, verification and similar actions.
- -h, --help: display help.
- -v, --verbose: print very detailed information about the tests.
The program needs access to a user certificate file and its private key, and the
related CA file(s); the CRL is downloaded using the information found in the
CA certificate. The files are looked up in the standard locations, which can be
changed with the standard environment variables (defaults in brackets):
- X509_USER_CERT [$HOME/.globus/usercert.pem] user certificate
- X509_USER_KEY [$HOME/.globus/userkey.pem] user private key
- X509_USER_PROXY [/tmp/x509up_u<uid>] user proxy
- X509_CERT_DIR [/etc/grid-security/certificates/] CA certificates and CRL directories
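The lookup described above, as an added shell example that is not part of xrootd: it resolves each variable to the default listed here and checks the files the program needs before a run. The function names are hypothetical, and the private-key permission check is an extra check added here, not something this page says xrdgsitest performs.

```shell
#!/bin/sh
# Added example (function names are hypothetical, not xrootd code).

# gsi_path NAME: print the value of NAME, or the default listed on this page.
gsi_path() {
    case "$1" in
        X509_USER_CERT)  echo "${X509_USER_CERT:-$HOME/.globus/usercert.pem}" ;;
        X509_USER_KEY)   echo "${X509_USER_KEY:-$HOME/.globus/userkey.pem}" ;;
        X509_USER_PROXY) echo "${X509_USER_PROXY:-/tmp/x509up_u$(id -u)}" ;;
        X509_CERT_DIR)   echo "${X509_CERT_DIR:-/etc/grid-security/certificates/}" ;;
        *) return 2 ;;
    esac
}

# gsi_key_private FILE: succeed only if group and others have no access bits.
# Columns 5-10 of the ls mode string are the group and other permissions.
gsi_key_private() {
    [ "$(ls -ldL "$1" 2>/dev/null | cut -c5-10)" = "------" ]
}

# gsi_preflight: print one line per problem and return the number of problems.
# The proxy path is only resolved, not required: the sample run recreates it.
gsi_preflight() {
    problems=0
    for name in X509_USER_CERT X509_USER_KEY; do
        path=$(gsi_path "$name")
        if [ ! -f "$path" ] || [ ! -r "$path" ]; then
            echo "$name: $path is not a readable file"
            problems=$((problems + 1))
        fi
    done
    dir=$(gsi_path X509_CERT_DIR)
    if [ ! -d "$dir" ] || [ ! -r "$dir" ]; then
        echo "X509_CERT_DIR: $dir is not a readable directory"
        problems=$((problems + 1))
    fi
    key=$(gsi_path X509_USER_KEY)
    # Extra check (assumption, see lead-in): the key should be owner-only.
    if [ -f "$key" ] && ! gsi_key_private "$key"; then
        echo "X509_USER_KEY: $key is accessible to group or others"
        problems=$((problems + 1))
    fi
    return "$problems"
}
```

After sourcing the file, `gsi_preflight && xrdgsitest` runs the tests only when the inputs are in place.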
The output is a list of PASSED/FAILED tests similar to:
    $ xrdgsitest
    || ---------------------------------------------------------------------------------
    || Crypto functionality tests for GSI ----------------------------------------------
    || ---------------------------------------------------------------------------------
    || Loading EEC ............................................................. PASSED
    || Loading User Proxy ...................................................... PASSED
    || ---------------------------------------------------------------------------------
    || Recreate the proxy certificate --------------------------------------------------
    Enter PEM pass phrase:
    || Recreating User Proxy ................................................... PASSED
    || ---------------------------------------------------------------------------------
    || Load CA certificates ------------------------------------------------------------
    || Loading CA certificate .................................................. PASSED
    || Loading CA certificate .................................................. PASSED
    || ---------------------------------------------------------------------------------
    || Testing ParseFile ---------------------------------------------------------------
    || Chain reorder: ......................................................... PASSED
    || Chain verify: .......................................................... PASSED
    || ---------------------------------------------------------------------------------
    || Testing ExportChain -------------------------------------------------------------
    || Attach to X509ExportChain ............................................... PASSED
    || ---------------------------------------------------------------------------------
    || Testing Chain Import ------------------------------------------------------------
    || Chain reorder: ......................................................... PASSED
    || Chain verify: .......................................................... PASSED
    || ---------------------------------------------------------------------------------
    || Testing GSI chain import and verification ---------------------------------------
    || GSI chain verify: ...................................................... PASSED
    || ---------------------------------------------------------------------------------
    || Testing GSI chain copy ----------------------------------------------------------
    || GSI chain verify: ...................................................... PASSED
    || ---------------------------------------------------------------------------------
    || Testing Cert verification -------------------------------------------------------
    || verify cert: EE signed by CA ............................................ PASSED
    || verify cert: PX signed by EE ............................................ PASSED
    || verify cert: PX not signed by CA ........................................ PASSED
    || ---------------------------------------------------------------------------------
    || Testing request creation --------------------------------------------------------
    || Creating request ........................................................ PASSED
    || ---------------------------------------------------------------------------------
    || Testing request signature -------------------------------------------------------
    || Check proxyCertInfo extension ........................................... PASSED
    || ---------------------------------------------------------------------------------
    || Testing export of signed proxy --------------------------------------------------
    || Saving signed proxy chain to file ....................................... PASSED
    || ---------------------------------------------------------------------------------
    || Testing CRL identification ------------------------------------------------------
    || Check CRL distribution points extension OK .............................. PASSED
    || ---------------------------------------------------------------------------------
    || Testing CRL loading -------------------------------------------------------------
    --2016-12-12 19:31:36--  http://cafiles.cern.ch/cafiles/crl/CERN%20Root%20Certification%20Authority%202.crl
    Resolving cafiles.cern.ch (cafiles.cern.ch)... 137.138.4.52, 2001:1458:201:96::100:26
    Connecting to cafiles.cern.ch (cafiles.cern.ch)|137.138.4.52|:80... connected.
    HTTP request sent, awaiting response... 200 OK
    Length: 1097 (1.1K) [application/pkix-crl]
    Saving to: ‘/tmp/5168735f.0.crltmp’
    /tmp/5168735f.0.crltmp 100%[========================================================================>] 1.07K --.-KB/s in 0s
    2016-12-12 19:31:36 (383 MB/s) - ‘/tmp/5168735f.0.crltmp’ saved [1097/1097]
    || Loading CA1 crl ......................................................... PASSED
    || CRL signature OK ........................................................ PASSED
    || ---------------------------------------------------------------------------------
The result of each test can be interleaved with details when the verbose
option is chosen.
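One way to turn the PASSED/FAILED list into a pass/fail gate, as an added example that is not part of xrootd: the function reads captured xrdgsitest output and reports each FAILED test with its section. The function names and the sample lines are constructed, and the example assumes a FAILED line has the same layout as the PASSED lines shown above.

```shell
#!/bin/sh
# Added example (hypothetical helper names, constructed sample input).

# gsi_sample: constructed output in the layout shown on this page.
gsi_sample() {
    cat <<'EOF'
|| ---------------------------------------------
|| Testing Cert verification -------------------
|| verify cert: EE signed by CA ................ PASSED
|| verify cert: PX signed by EE ................ FAILED
|| ---------------------------------------------
|| Testing CRL loading -------------------------
--2016-12-12 19:31:36--  http://ca.example.invalid/ca.crl
|| Loading CA1 crl ............................. PASSED
|| CRL signature OK ............................ FAILED
EOF
}

# gsi_failed: read xrdgsitest output on stdin and print "section: test" for
# every FAILED result. Exit status: 0 = results seen and none failed,
# 1 = at least one FAILED, 2 = no result lines found at all.
gsi_failed() {
    awk '
        substr($0, 1, 2) != "||" { next }      # downloads, prompts, other detail
        { line = substr($0, 3); gsub(/^[ \t]+|[ \t\r]+$/, "", line) }
        line ~ /^-*$/ { next }                 # separator rows
        line ~ /[ .](PASSED|FAILED)$/ {
            status = substr(line, length(line) - 5)
            name = line
            sub(/[ .]*(PASSED|FAILED)$/, "", name)
            sub(/:$/, "", name)
            seen++
            if (status == "FAILED") { failed++; print section ": " name }
            next
        }
        line ~ / -+$/ { sub(/ +-+$/, "", line); section = line }   # section title
        END { if (failed) exit 1; if (!seen) exit 2 }
    '
}
```

Lines that do not start with `||`, such as the CRL download progress and the pass phrase prompt, are skipped.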
License terms can be displayed by typing "xrootd -H".
The xrdgsitest command is supported by the xrootd collaboration. Contact
information can be found at
http://xrootd.org/contact.html