Table of Contents
MyProxy is open source software for managing X.509 Public Key Infrastructure (PKI) security credentials (certificates and private keys). MyProxy combines an online credential repository with an online certificate authority to allow users to securely obtain credentials when and where needed. Users run myproxy-logon to authenticate and obtain credentials, including trusted CA certificates and Certificate Revocation Lists (CRLs). For more information about MyProxy, see the MyProxy Home Page.
- Users can obtain certificates and trust roots from the MyProxy CA using myproxy-logon.
- Users can store and retrieve multiple X.509 proxy credentials using myproxy-init and myproxy-logon.
- Users can store and retrieve multiple X.509 end-entity credentials using myproxy-store and myproxy-retrieve.
- Users and administrators can manage trustroots (CA certificates and CRLs) using myproxy-logon and myproxy-get-trustroots.
- Administrators can load the repository with X.509 end-entity credentials on the users' behalf using myproxy-admin-load-credential.
- Administrators can use the myproxy-admin-adduser command to create user credentials and load them into the MyProxy repository.
- Administrators can use the myproxy-admin-addservice command to create host credentials and load them into the MyProxy repository.
- Users and administrators can set access control policies on the credentials in the repository.
- If allowed by policy, job managers (such as Condor-G) can renew credentials before they expire.
- The MyProxy server enforces local site passphrase policies using a configurable external call-out.
The following problems and limitations are known to exist for MyProxy at the time of the 5.0.5 release:
- Bug 2709: The MyProxy package isn't internationalized.
MyProxy depends on the following GT component:
Tested Platforms for MyProxy:
- Mac OS X 10.5
- x86/x86_64 GNU/Linux
- PPC AIX 5.3
- Sun4u Solaris 5.10
Associated standards for MyProxy:
See MyProxy for more information about this component.