Client enforces this mode by setting XrdSecGISNOPROXY = 1. Key file must be pass-less for this work. NB: if the key-file is pass-less and XrdSecGISNOPROXY = 0 (default) authentication still works with the usual protocol, i.e. creating a proxy and using that for the handshake. Setting XrdSecGISNOPROXY = 1 avoids those additional steps. You can view, comment on, or merge this pull request online at: https://github.com/xrootd/xrootd/pull/1493 -- Commit Summary -- * Add support for reading the private key from a separate file * Add support for pure cert/key authentication (no proxy) -- File Changes -- M src/XrdCrypto/XrdCryptoFactory.hh (2) M src/XrdCrypto/XrdCryptosslAux.cc (20) M src/XrdCrypto/XrdCryptosslAux.hh (4) M src/XrdSecgsi/XrdSecProtocolgsi.cc (73) M src/XrdSecgsi/XrdSecProtocolgsi.hh (9) M src/XrdSecgsi/XrdSecgsiProxy.cc (2) M src/XrdSecgsi/XrdSecgsitest.cc (2) -- Patch Links -- https://github.com/xrootd/xrootd/pull/1493.patch https://github.com/xrootd/xrootd/pull/1493.diff -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/xrootd/xrootd/pull/1493 ######################################################################## Use REPLY-ALL to reply to list To unsubscribe from the XROOTD-DEV list, click the following link: https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-DEV&A=1