Yes, 'grid-proxy-info -path' shows the path to the text file containing
your proxy credential, which you can open in an editor of your choice
and look at the certificates in the chain. For each BEGIN CERTIFICATE /
END CERTIFICATE block, you can use 'openssl x509 -text' to see a human
readable
In reading about the mit pkinit implementation
http://k5wiki.kerberos.org/wiki/Pkinit_configuration
i had some issues / questions on how to sign a globus certificate with
the additional extensions and not destroying the globus extensions. I am
using a adjusted version of the
when i do a grid-cert-info with the kerberized credential
...
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Extended Key Usage:
1.3.6.1.5.2.3.4
X509v3 Key Usage: critical
Digital Signature, Key