Grid Canada Certificates

Grid Canada Certificates

What are they?

WestGrid certificates are text files, signed by Grid Canada, that, when used with your pass-phrase, prove your identity. When a WestGrid account is created, a certificate is automatically provided to you.

How do they work?

These certificates are the starting-point for all authentication with grid services running at WestGrid sites. Your certificate does not allow direct access to WestGrid resources, but it allows you to create proxies, which do give you access.

Your grid certificate is a long-term credential, renewed annually along with your WestGrid account. Sixty days before your certificate expires, you will receive an email containing a link to our WestGrid renewal page. The process is quick and simple.

You can display information about your certificate using grid-cert-info. For example, to display the period during which your grid certificate is valid, use;

% grid-cert-info -subject -startdate -enddate
Jan 01 00:00:00 2000 GMT
Jan 01 00:00:00 2001 GMT 

Your grid certificate is stored in your home directory (on* as a public key pair consisting of two files:

  • $HOME/.globus/usercert.pem
    (The certificate, which is your public key combined with a signature from an authority such as Grid Canada.)
  • $HOME/.globus/userkey.pem
    (The private key, encrypted with a passphrase known only to you.)

To protect your WestGrid account, keep your private key and certificates private. Don't delete your certificate, and don't forget the passphrase which you used when you applied for your WestGrid account, since it is what allows you access to your private key. If you forget your passphrase, you will have to request a new certificate. Contact WestGrid Support.


*NOTE:  current location.  Contact us if you need help accessing your cert.


Updated 2011-02-08