Provided by: voms-clients_2.0.6-3build1_amd64 bug


       voms-proxy-init - create a proxy with VOMS extensions


       voms-proxy-init [options]


       The voms-proxy-init generates a proxy with the VOMS information included in a non critical


       Options may be specified indifferently with either a "-" or "--" prefix. The options  from
       -help  to -out are present for compatibility with grid-proxy-init, and have the exact same
       meaning. The meaning of the other ones is the following.


       -usage Displays usage


       Displays version

       -debug Enables extra debug output


       -q Quiet mode, minimal output

       -verify Verifies proxy

       -pwstdin Allows passphrase from stdin

       -limited Creates a limited proxy

       -hours  H Proxy is valid for H hours (default:12) This option is deprecated  and  is  only
       present  for  compatibility  with  grid-proxy-init,  since  this  option  does not set the
       validity of the credentials returned by VOMS. Use -valid instead.

       -vomslife  H Tries to get a pseudo cert with information valid for H hours. The default is
       "as  long  as the proxy certificate". The special value 0 means as long as the server will
       allow. This option is deprecated, since it does not set  the  validity  of  the  generated
       proxy. Use -valid instead.

       -valid   HH:MM  This  option  attempts  to  set  the  validity  for both the proxy and the
       credentials returned by the VOMS server. The latter validity may however be shortened  due
       to  server  policy. This option obsoletes both -hours and -vomslife, and should be used in
       preference to both

       -bits  B Number of bits in key {0|512|1024|2048|4096}. 0 is a special value  which  means:
       same number of bits as in the issuing certificate.

       -cert  certfile Non-standard location of user certificate

       -key  keyfile Non-standard location of user key

       -certdir  certdir Non standard location where the trusted CAs certificates are kept.

       -out  proxyfile Location of new proxy cert

       -voms   voms[:command]  Specifies  the  VOMS server to contact using the nickname voms. It
       also allows to send a specific command to the server. The default command is :all, and  it
       gets all group membership information. Other commands are :/Role=rolename which grants the
       rolename VO-wide role if the server allows it, and :/group/Role=rolename which grants  the
       role rolename only in the group /group, again only if the server allows it.

       Example : voms-proxy-init --voms myVO:/myVO/Role=VO-Admin

       -order   fqan  Specified  fqans,  if  present,  are  put  on top of the list of attributes
       returned by the server in the order in which they are passed (using more -order call). The
       order  of the others is not specified. If some of the fqans are not returned no warning is
       given. Capability selection is not supported.

       -include  file Includes file in the certificate (in a non critical extension)

       -conf  file Read options from file.

       -confile  file

       -userconf  file

       -vomses  file Specifies the name of a configuration file from which a list of nicknames is
       read. The format of the file is the following: nick  host  port  subject  vo where nick is
       the nickname, host and port are the hostname and port of the server to contact, subject is
       the  subject  of  the  server's  certificate, while vo is the name of the VO that owns the
       server. The default filenames are /etc/vomses and $HOME/.voms/vomses.

       Moreover, permissions must be 644 if a file is  specified,  and  755  if  a  directory  is

       The  three  options are synonyms. -confile and -userconf are deprecated. -vomses should be
       used instead.

       -policy The file containing the policy expression.

       -policy-language pl

       -pl pl The language in which the policy is expressed. Default is IMPERSONATION_PROXY.

       -path-length Maximum depth of proxy certfificate that can be signed from this.

       -globus  version Underlying Globus version. This will influence the default value  of  the

       -proxyver  Version  of the proxy certificate to create. May be 2, 3 or 4. Default value is
       decided upon underlying globus version.

       -rfc This option is a synonym of -proxyver 4 and it generates a RFC-compliant proxy.

       -old This option is a synonym of -proxyver 2 and it generates a legacy proxy.

       -target  hostname This option targets the generated AC to a specific host. This option may
       be specified multiple times to allow for multiple hosts.

       -timeout   seconds  This  option  allows  to  specify  the  maximum number of seconds that
       voms-proxy-init will wait while trying to establish a  connection  with  the  server.  Its
       default value is -1 (unlimited).

       -noregen Use existing proxy to contact the server and to sing the new proxy.

       -separate  file Saves the voms credential on file file.

       -ignorewarn Ignore all warnings. They are not shown to the user.

       -failonwarn Warnings become failures. The program will translates all warnings into errors
       and will react accordingly, by returning a failure itself.

       -list Instead of producing an attribute certificate, this optin will  print  on  screen  a
       list of all attributes available to the user.

       -includeac  file Adds the VOMS AC in file to the proxy.


       EGEE Bug Tracking Tool:


       voms-proxy-info(1), voms-proxy-destroy(1)

       EDT Auth Home page:


       RPM repository:


       Vincenzo Ciaschini <>.

       Valerio Venturi <>.


       Copyright  (c)  Members  of  the  EGEE Collaboration. 2004. See the beneficiaries list for
       details on the copyright holders.

       Licensed under the Apache License, Version 2.0 (the "License"); you may not use this  file
       except in compliance with the License. You may obtain a copy of the License at

       Unless  required by applicable law or agreed to in writing, software distributed under the
       License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY  KIND,
       either express or implied. See the License for the specific language governing permissions
       and limitations under the License.