GSI
2.0: Environment Variables
GLOBUS_LOCATION
The GSI libraries use GLOBUS_LOCATION as one place to look for the trusted
certificates directory. The location $GLOBUS_LOCATION/share/certficates
is used if X509_CERT_DIR is not set and /etc/grid-security
and $HOME/.globus/certificates do not exist.
GRIDMAP
This environment variable can be used to override the default location
of the grid-mapfile, which is normally /etc/grid-security/grid-mapfile.
X509_CERT_DIR
This environment variable can be used to override the default location
of the trusted certificates directory, which is normally
/etc/grid-security/certificates.
X509_USER_DELEG_PROXY
This environment variable is set by the GSI libraries to point at the
location of credentials that it receives during delegation. Application
servers usually then copy this value to X509_USER_PROXY and users generally
never see it. Setting this value has no effect.
X509_RUN_AS_SERVER (Depreciated
with GT2.2)
If this environment variable is set (to any value) it causes the
GSI libraries not to look for a proxy credential unless
X509_USER_PROXY is explicitly set. The intent is for this to
be used with servers that should always use a given certificate
and private key.
X509_USER_CERT
This environment variable can be used to override the default location of
the certificate file. For users this is normally
$HOME/.globus/usercert.pem. For servers this is normally
/etc/grid-security/hostcert.pem.
X509_USER_KEY
This environment variable can be used to override the default location of
the private key file. For users this is normally
$HOME/.globus/userkey.pem. For servers this is normally
/etc/grid-security/hostkey.pem.
X509_USER_PROXY
This environment variable can be used to override the default location
of the user proxy credentials, which is normally
/tmp/x509up_u<uid>. To stop the GSI libraries from looking
for proxy credentials see
X509_RUN_AS_SERVER.
X509_CERT_FILE (Depreciated with GT2.2)
This environment variable can be used to explicitly force the GSI
libraries to use a given file containing trusted CA certificates.
Use of this variable is discouraged due to lack of use and testing.