condor_ssl_fingerprint - Man Page

condor_ssl_fingerprint — HTCondor Manual

list the fingerprint of X.509 certificates for use with SSL authentication
 

condor_ssl_fingerprint [FILE]

condor_ssl_fingerprint parses provided file for X.509 certificcates and prints prints them to stdout.  If no file is provided, then it defaults to printing out the user's known_hosts file (typically, in ~/.condor/known_hosts).

If a single PEM-formatted X.509 certificate is found, then its fingerprint is printed.

The X.509 fingerprints can be used to verify the authenticity of an SSL authentication with a remote daemon.

To print the fingerprint of a host certificate

$ condor_token_list
Header: {"alg":"HS256","kid":"POOL"} Payload: {"exp":1565576872,"iat":1565543872,"iss":"htcondor.cs.wisc.edu","scope":"condor:\/DAEMON","sub":"k8sworker@wisc.edu"} File: /home/bucky/.condor/tokens.d/token1
Header: {"alg":"HS256","kid":"POOL"} Payload: {"iat":1572414350,"iss":"htcondor.cs.wisc.edu","scope":"condor:\/WRITE","sub":"bucky@wisc.edu"} File: /home/bucky/.condor/tokens.d/token2

condor_token_list will exit with a non-zero status value if it fails to read the token directory, tokens are improperly formatted, or if it experiences some other error.  Otherwise, it will exit 0.

condor_token_create(1), condor_token_fetch(1), condor_token_request(1)

Center for High Throughput Computing, University of Wisconsin-Madison

HTCondor Team

1990-2024, Center for High Throughput Computing, Computer Sciences Department, University of Wisconsin-Madison, Madison, WI, US. Licensed under the Apache License, Version 2.0.