NOTE: This page is out of date and has been replaced by http://docs.google.com/View?id=dgp8twm9_2fqs959hk
This page describes the files installed as part of the GridShib-CA deployment and the minimum permissions needed on those files.

| File(s) | Entity that needs access | Access Needed | Description |
| --- | --- | --- | --- |
| certs/* | GridShib-CA web application | write | Copy of issued certificates |
| check-config.pl create-openid-consumer-secret.pl create-openssl-ca.pl issue-cert.pl myproxy-mapapp.pl | Administrator | read, execute | Administrative utilities |
| gridshib-ca.conf | GridShib-CA web application | read | Main configuration file |
| policy.conf | GridShib-CA web application | read | Authorization policy |
| openid-consumer-secret | GridShib-CA web application | read | Secret used to protect OpenID authentication. |
| openssl-ca | GridShib-CA web application | read, execute | Binary to issue certificates locally. |
| perl/* | GridShib-CA web application | read | Perl modules for web application. |
| templates/* | GridShib-CA web application | read | Templates for web application. |
| gridshib-ca-cert.pem gridshib-ca-key.pem | OpenSSL-CA | read | CA credentials for local CA. |
| serial | OpenSSL-CA | read, write | Serial file for local CA. |
| myproxy-client-cert.pem myproxy-client-key.pem | GridShib-CA web application | | Client credentials for MyProxy CA. |
| /var/run/gridshib-ca/gsca-session-* (Path can be changed in gridshib-ca.conf) | GridShib-CA web application | create, read, write | Sessions |
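
An added example, not part of the GridShib-CA distribution: a Python check that compares the mode bits of files under an install directory with the minimum access listed in the table, reporting access that is missing and access beyond the minimum. The install directory, the uid and group ids of each entity, and the names `POLICY`, `access_for` and `audit` are assumptions; ACLs and root's bypass of mode bits are not modelled.

```python
import glob
import os
import stat

WEB, ADMIN, CA = "GridShib-CA web application", "Administrator", "OpenSSL-CA"

# Rows transcribed from the table above as (glob, entity, minimum access).
# Left out: the myproxy-client-* row (no access listed on the page) and the
# session files (configurable path; "create" is a right on the directory).
POLICY = [
    ("certs/*", WEB, "w"),
    ("gridshib-ca.conf", WEB, "r"),
    ("policy.conf", WEB, "r"),
    ("openid-consumer-secret", WEB, "r"),
    ("openssl-ca", WEB, "rx"),
    ("perl/*", WEB, "r"),
    ("templates/*", WEB, "r"),
    ("gridshib-ca-cert.pem", CA, "r"),
    ("gridshib-ca-key.pem", CA, "r"),
    ("serial", CA, "rw"),
]
POLICY += [(name + ".pl", ADMIN, "rx") for name in (
    "check-config", "create-openid-consumer-secret", "create-openssl-ca",
    "issue-cert", "myproxy-mapapp")]

def access_for(st, uid, gids):
    """Owner/group/other evaluation of the mode bits for one account."""
    if st.st_uid == uid:
        bits = st.st_mode >> 6
    elif st.st_gid in gids:
        bits = st.st_mode >> 3
    else:
        bits = st.st_mode
    return {c for c, b in (("r", 4), ("w", 2), ("x", 1)) if bits & b}

def audit(root, entity, uid, gids):
    """Return (path, 'missing' | 'extra', rights) for one entity's rows."""
    findings = []
    for pattern, who, need in POLICY:
        if who != entity:
            continue
        for path in sorted(glob.glob(os.path.join(root, pattern))):
            st = os.stat(path)
            if not stat.S_ISREG(st.st_mode):
                continue  # only regular files are compared
            have, rel = access_for(st, uid, gids), os.path.relpath(path, root)
            for kind, rights in (("missing", set(need) - have),
                                 ("extra", have - set(need))):
                if rights:
                    findings.append((rel, kind, "".join(sorted(rights))))
    return findings
```

Run `audit` once per entity with that entity's uid and group ids; a "missing" finding means the deployment will likely fail, an "extra" finding means the file grants more than the table's minimum.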