KX.509 and KCA
Institutions that already have a Kerberos realm can use KX.509 and KCA to provide local users with Grid proxy certificates without operating a conventional Certificate Authority. When users authenticate with the Kerberos system, they obtain Grid proxy certificates in addition to their Kerberos tickets. These users can then use Grid tools and applications without an additional authentication procedure.
The KCA component is a Kerberized certification service. It issues proxy certificates based on a Kerberos authentication. The KX.509 component is a Kerberized client that generates and stores proxy certificates with help from KCA.
Unlike MyProxy, KX.509 and KCA create credentials for users, so remote sites must be configured to trust the local KCA service's certification authority.
| Software: | KX.509 and KCA |
| Developed by: | Center for Information Technology Integration, The University of Michigan |
| Distributions: | NMI-R7 Download from University of Michigan |
| Contact: |