MyProxy Server

Service running

Service
Globus MyProxy server
Service Description
MyProxy manages X.509 Public Key Infrastructure (PKI) security credentials (certificates and private keys). MyProxy combines an online credential repository with an online certificate authority to allow users to securely obtain credentials when and where needed.
Users run myproxy-logon to authenticate and obtain credentials, including trusted CA certificates and Certificate Revocation Lists (CRLs).
Init scripts /etc/init.d/myproxy-server
Daemon /usr/sbin/myproxy-server
Configuration files /etc/myproxy-server.config
Logfile locations
The myproxy server uses the syslog: /var/log/messages

Open ports

Port/Protocol
Description
7512/TCP
Default myproxy server port

Where is service state held

The myproxy server’s credential storage is located in /var/lib/myproxy.

Cron jobs

None.

Security information

The myproxy server uses its own copy of the host certificate and key. These should be owned by the user/group used to run the server, usually myproxy/myproxy:

  • /etc/grid-security/myproxy/hostcert.pem - permissions 644
  • /etc/grid-security/myproxy/hostkey.pem - permission 600
The myproxy server has many security related configuration options. See man myproxy-server.config(5) for details.

Utility scripts

Path/Name
Description
/usr/sbin/myproxy-admin-addservice
/usr/sbin/myproxy-admin-adduser
/usr/sbin/myproxy-admin-change-pass
/usr/sbin/myproxy-admin-load-credential
/usr/sbin/myproxy-admin-query
These tools (provided as part of the myproxy-admin package) allows the system administrator to manipulate the myproxy server. See their respective man pages for details.