condor_ssl_fingerprint
list the fingerprint of X.509 certificates for use with SSL authentication
Synopsis
condor_ssl_fingerprint [FILE]
Description
condor_ssl_fingerprint parses provided file for X.509 certificcates and prints
prints them to stdout
. If no file is provided, then it defaults to printing
out the user’s known_hosts
file (typically, in ~/.condor/known_hosts
).
If a single PEM-formatted X.509 certificate is found, then its fingerprint is printed.
The X.509 fingerprints can be used to verify the authenticity of an SSL authentication with a remote daemon.
Examples
To print the fingerprint of a host certificate
$ condor_token_list
Header: {"alg":"HS256","kid":"POOL"} Payload: {"exp":1565576872,"iat":1565543872,"iss":"htcondor.cs.wisc.edu","scope":"condor:\/DAEMON","sub":"k8sworker@wisc.edu"} File: /home/bucky/.condor/tokens.d/token1
Header: {"alg":"HS256","kid":"POOL"} Payload: {"iat":1572414350,"iss":"htcondor.cs.wisc.edu","scope":"condor:\/WRITE","sub":"bucky@wisc.edu"} File: /home/bucky/.condor/tokens.d/token2
Exit Status
condor_token_list will exit with a non-zero status value if it fails to read the token directory, tokens are improperly formatted, or if it experiences some other error. Otherwise, it will exit 0.
See also
condor_token_create(1), condor_token_fetch(1), condor_token_request(1)