Last Updated: December 12, 2022
On December 12, 2022, Globus updated the Certificate Authority (CA) used for its transfer service and moved to a different system for managing the CA. Most Globus Connect Server and Globus Connect Personal installations require updated trust roots to function properly.
Information for updating your deployment is provided below.
All Globus Connect Server v5 deployments must update to version 5.4.50 or later. Update instructions.
A successful listing of any collection on the endpoint will confirm that the update was successful.
We recommend that all Globus Connect Server v4 deployments migrate to Globus Connect Server v5 as soon as possible. Migration tools and instructions.
Alternatively, Globus Connect Server v4 deployments can be updated to version 4.0.63 or later. Update instructions.
Without this update, Globus Connect Server v4 endpoints that have sharing enabled (
Sharing = True in
or have configured a MyProxy Server value of
myproxy.globusonline.org, will cease to operate properly with the Globus service as of December 12, 2022.
A successful listing of any shared collection will confirm that the update was successful.
Installing the latest package is sufficient to apply the trust root update.
It is not necessary to run
globus-connect-server-setup after the package is installed,
unless the deployment was originally created using
globus-connect-server-setup with the
to use a non-standard configuration file location or root dir. Use of these options is not common.
All Globus Connect Personal installations should be updated to version 3.2.0 or later using the instructions below for your operating system.
A successful listing of your endpoint will confirm that the update was successful.
The latest versions of Globus Connect Server and Globus Connect Personal are built for currently supported platforms. If your current platform is no longer supported, you can update the trust roots manually so that your endpoint can continue to function after December 12, 2022.
You will need to remove old versions of the Globus transfer service CA certificates from your trust root directory. The location of the trust roots are described below. Remove any files with the following prefixes:
7a42187f.* 4b828555.* c7ab88a4.* globus_transfer_ca_2.* globus_transfer_ca_2_int.*
Extract the downloaded archive and move the files from its
globus-transfer-ca-2022 directory into the trust root directory on the endpoint.
The location of the trust roots are described below.
The trust root location is
The default trust root location is
/var/lib/globus-connect-server/grid-security/certificates, but it can be overridden in the configuration.
/etc/globus-connect-server.conf to see if you’ve defined
The trust roots for Globus Connect Personal are part of the installed package, so the location will depend on where you have chosen to install it.
The default location for Windows is
C:\Program Files (x86)\Globus Connect Personal\etc\ca.
The default location for Mac is
/Applications/Globus Connect Personal.app/Contents/MacOS/etc/ca.
The trust roots for Linux are at
./etc/ca in the location you extracted the installation package, for example
Globus Connect Personal v2 is now deprecated and will be discontinued on December 12, 2022.
If you’re currently running Globus Connect Server v2 on an end-of-life platform that is not supported by version 3.2.0, please upgrade to the v3.0.x series linked below, and update the trust roots manually. You will not be able to continue using Globus Connect Personal v2 after December 12, 2022.
The latest version of Globus Connect Personal for Windows (3.2.1) requires a 64-bit architecture. If you are running Globus Connect Personal for Windows on a 32-bit architecture, please install version 3.2.0, which supports 32-bit and contains the updated trust roots.
Download Globus Connect Personal 3.2.0: Windows