Deployment File Permissions

NOTE: This page is out of date and has been replaced by

This page describes the files installed as part of the GridShib-CA deployment and the minimum permissions needed on those files.

 File(s) Entity that needs access
 Access Needed
 certs/* GridShib-CA web application
 write Copy of issued certificates
 Administrator read, execute
 Administrative utilities
 GridShib-CA web application
 read Main configuration file
 policy.conf GridShib-CA web application
 read Authorization policy
 openid-consumer-secret GridShib-CA web application read Secret used to protect OpenId authentication.
 GridShib-CA web application
 read, execute
 Binary to issue certificates locally.
 perl/* GridShib-CA web application
 read Perl modules for web application.
 templates/* GridShib-CA web application
 read Templates for web application.
 OpenSSL-CA read CA credentials for local CA.
 serial OpenSSL-CA read, write
 Serial file for local CA.
 GridShib-CA web application
  Client credentials for MyProxy CA.
 /var/run/gridshib-ca/gsca-session-* (Path be changed in gridshib-ca.conf)
 GridShib-CA web application
 create, read, write