Provided by: nordugrid-arc-client_1.1.1-1_amd64 bug


       arcproxy - ARC Credentials Proxy generation utility


       arcproxy [OPTION]


       arcproxy generates proxy credentials (general proxy certificate, or proxy certificate with
       voms AC extenstion) from private key and certificate of user.


       -d     level of information printed. Possible values are DEBUG,  VERBOSE,  INFO,  WARNING,
              ERROR and FATAL.

       -P     location of generated credentials proxy file

       -C     location of X509 certificate file

       -K     location of private key file

       -T     path to trusted certificate directory, only needed for voms client functionality

       -V     path to voms server configuration file, only needed for voms client functionality

       -S     voms<:command>. Specify voms server.
                            :command is optional, and is used to ask for specific attributes(e.g:
                            command option is:
                            all --- put all of this DN's attributes into AC;
                            list ---list all of the DN's attribute,will not create AC extension;
                            /Role=yourRole --- specify the role, if this DN
                                             has such a role, the role will be put into AC
                            /voname/groupname/Role=yourRole --- specify the vo,group and role  if
              this DN
                                             has such a role, the role will be put into AC

       -o     group<:role>. Specify ordering of attributes.
                            Example:                                                      --order
                            or:       --order        /        --order
                            Note that it does not make sense to specify the order if you have two
              or more different voms server specified

       -G     use GSI communication protocol for contacting VOMS services

       -O     use GSI proxy (RFC 3820 compliant proxy is default)

       -I     print all information about this proxy.
                            In order to show the Identity (DN without CN as subfix for proxy)
                            of the certificate, the 'trusted certdir' is needed.

       -r     Remove the proxy file.

       -U     Username to myproxy server.

       -L     hostname of myproxy server optinally followed by colon and port number, e.g.
                   If the port number has not
                            been specified, 7512 is used by default.

       -M     command to myproxy server. The command can be PUT and GET.
                            PUT/put -- put a delegated credential to myproxy server;
                            GET/get -- get a delegated credential from myproxy server,
                            credential (certificate and key) is not needed in this case;
                            myproxy functionality can be used together with voms functionality.

       -R     Allow specified entity to retrieve credential without passphrase.
                            This option is specific for the PUT command when  contacting  Myproxy

       -N     don't  prompt  for  a  credential  passphrase,  when  retrieve a credential from on
              MyProxy server.
                            The precondition of this choice is the credential is PUT onto
                            the   MyProxy   server   without   a   passphrase   by    using    -R
                            option when being PUTing onto Myproxy server.
                            This  option  is specific for the GET command when contacting Myproxy

       -c     constraints of proxy certificate. Currently following constraints are supported:

              validityStart=time - time when certificate becomes valid. Default is now.

              validityEnd=time - time when certificate becomes  invalid.  Default  is  43200  (12
              hours) from start for local proxy and 7 days for delegated to MyProxy.

              validityPeriod=time  -  for  how  long  certificate  is valid. Default is 43200 (12
              hours)for local proxy and 7 days for delegated to MyProxy.

              vomsACvalidityPeriod=time - for how long the AC is valid.  Default  is  shorter  of
              validityPeriod and 12 hours.

              myproxyvalidityPeriod=time  -  lifetime  of  proxies  delegated  by myproxy server.
              Default is shorter of validityPeriod and 12 hours.

              proxyPolicy=policy content - assigns specified string to  proxy  prolicy  to  limit
              it's functionality.

       -h     prints short usage description

       If  not  specified  location  of  certificate, key and proxy will be taken from content of
       environment variables X509_USER_CERT, X509_USER_KEY and X509_USER_PROXY.


       Report bugs to


              The location where ARC is installed can be  specified  by  this  variable.  If  not
              specified  the  install  location  will  be determined from the path to the command
              being executed, and if this fails a WARNING will  be  given  stating  the  location
              which will be used.

              The  location  of ARC plugins can be specified by this variable. Multiple locations
              can be specified by separating them by : (; in Windows). The  default  location  is
              $ARC_LOCATION/lib/arc (\ in Windows).


       APACHE LICENSE Version 2.0


              Common  file  containing  a list of selected VO contact point, one VO per line, for

              "gin"                          ""                           "15050"
              "/O=dutchgrid/O=hosts/" ""

              ""                      ""                      "15015"
              "/O=Grid/O=NorduGrid/CN=host/" ""

              Same as /etc/vomses but located in user's home area. If exists, has precedence over

              The order of the parsing of vomses location is:

                     1. command line options
                     2. $X509_VOMSES  or $X509_VOMS_FILE
                     3. client configuration file ~/.arc/client.conf
                     4. ~/.voms/vomses
                     5. ~/.arc/vomses
                     6. /etc/grid-security/vomses
                     7. $ARC_LOCATION/etc/grid-security/vomses  (this is for Windows environment)

              Some  options  can  be  given  default  values by specifying them in the ARC client
              configuration file. By using the --conffile option a different  configuration  file
              can be used than the default.


       Weizhong Qiang <>


       arccat(1),   arcclean(1),   arccp(1),   arcget(1),   arcinfo(1),   arckill(1),   arcls(1),
       arcmigrate(1), arcrenew(1), arcresub(1), arcresume(1),  arcrm(1),  arcstat(1),  arcsub(1),
       arcsync(1), arctest(1)