Globus Connect Server Administration Guides
  • Quickstart Guide
  • Installation Guide
  • Data Access Admin Guide
  • Domain Guide
  • HTTPS Access to Collections
  • Identity Mapping Admin Guide
  • Globus OIDC Installation Guide
  • Troubleshooting Guide
  • Command-Line Reference
    • Command summary
    • Audit
      • Load
      • Query
      • Dump
    • Endpoint
      • Setup
      • Show
      • Update
      • Reset Advertised Owner String
      • Set Advertised Owner String
      • Set Owner
      • Set Subscription ID
      • Cleanup
      • Key Convert
      • Domain
      • Role
      • Upgrade
    • OIDC
      • Create
      • Delete
      • Register
      • Show
      • Update
    • Node
      • Create
      • Disable
      • Enable
      • New Secret
      • Setup
      • List
      • Show
      • Update
      • Cleanup
      • Delete
    • Login
    • Session
      • Consent
      • Show
      • Update
    • Whoami
    • Logout
    • Storage Gateway
      • Create
      • List
      • Show
      • Update
      • Delete
    • Collection
      • Create
      • List
      • Show
      • Batch Delete
      • Reset Advertised Owner String
      • Set Advertised Owner String
      • Set Owner
      • Set Subscription Admin Verified Collection Property
      • Update
      • Delete
      • Domain
      • Check
      • Role
    • Auth Policy
      • Create
      • List
      • Show
      • Update
      • Delete
    • Sharing Policy
      • Create
      • List
      • Show
      • Delete
    • User Credentials
      • Activescale Create
      • OAuth Create
      • Delete
      • List
      • S3 Create
      • S3 Keys Add
      • S3 Keys Delete
      • S3 Keys Update
    • Self Diagnostic
  • Globus Connect Server Manager API
    • Authorization
    • Versioning
    • Endpoint
    • Roles
    • Nodes
    • Storage Gateways
    • Collections
    • User Credentials
    • Domains
    • Sharing Policies
  • API Access for Portals
  • Automated Endpoint Deployment
  • Data Access Application Guide
  • Application Migration Guide
  • Change Log
Skip to main content
Globus Docs
  • APIs
    Auth Flows Groups Search Timers Transfer Globus Connect Server Compute Helper Pages
  • Applications
    Globus Connect Personal Globus Connect Server Premium Storage Connectors Compute Command Line Interface Python SDK JavaScript SDK
  • Guides
  • Support
    FAQs Mailing Lists Contact Us Check Support Tickets
  1. Home
  2. Globus Connect Server
  3. v5.4
  4. Command-Line Reference
  5. Collection
  6. Domain
  7. Collection Domain Update

Globus Connect Server Collection Domain Update

Name

globus-connect-server collection domain update - Set the domain name and certificate on a Globus Connect Server collection (new in v5.4.13)

Synopsis

globus-connect-server collection domain update COLLECTION_ID [OPTIONS]…​

Description

The globus-connect-server collection domain update command updates the domain name, certificate, and private key used by the collection.

In order to use this command, one of your Globus identities must have an administrator or owner role on the endpoint.

By default, Globus Connect Server uses a Globus-operated DNS service to provide DNS names to access collections and the Globus Connect Server management API. These names are randomly issued subdomains of the data.globus.org domain.

The globus-connect-server collection domain update command configures the domain and certificate used by a collection to be one that the administrator controls. The domain may be a wildcard or standard A or AAAA record. The certificate and key may be either managed or unmanaged by Globus.

Domain Names

When using this feature, Globus Connect Server allows any DNS domain name that the administrator controls to serve the Globus services for your collection. These names may be A, AAAA, or CNAME records, as is suitable for the endpoint’s configuration.

The --domain DOMAIN option to this command sets the domain name for the collection.

Wildcards

The domain name used by the collection can be set to either be a wildcard or non-wildcard domain. This setting affects what DNS name other related collections on the endpoint will have.

The default for the collection is to assume the domain not a wildcard. In this case, all collections created on the collection will use the subdomains of the data.globus.org domain created during endpoint setup.

The --wildcard flag to this command makes Globus Connect Server treat the domain name as a wildcard.

If the collection is configured with a wildcard domain, then all collections created on the collection will use subdomains of that wildcard domain unless they are themselves configured to use their own custom domain.

This means, for example, that if you configure your collection to use the wildcard domain globus-data.example.org, then a mapped collection may be automatically issued a name like m-766bd244.globus-data.example.org.

Certificates and Keys

Globus Connect Server requires certificates and keys to match the domain name (including wildcard domain property).

The --certificate-path CERTIFICATE and -private-key PRIVATE_KEY command-line parameters set the certificate and private key path. If additional certificates are needed by clients to validate the certificate, they can be set using the --certificate-chain-path CERTIFICATE_CHAIN command-line parameter. The contents of these files must be PEM-encoded.

Managed Certificates and Keys

Globus Connect Server can optionally manage synchronizing changes to the certificate and key files between data transfer nodes. This is enabled by passing the --managed command line option.

When this is enabled, the certificate chain and key are encrypted and synchronized between data transfer nodes along with other configuration data.

If this is not enabled, only the paths to the certificate and key files are synchronized. These files must exist on each data transfer node in order for the Globus services to function properly.

Options

-h, --help

Show help message and exit.

--version

Show the version and exit.

--use-explicit-host IP_ADDRESS (new in 5.4.23)

IP address of the GCS node to use for this request. If not specified, any available GCS node in the endpoint will be used.

--domain DOMAIN

DNS name to use for this collection

--wildcard

Flag indicating that this is a wildcard domain; if true, all collections on this collection which don’t have custom domains will be subdomains of this domain

--managed / --unmanaged

If --managed, automatically synchronize certificates and keys between data transfer nodes using Globus services.

--private-key-path PRIVATE_KEY

Path to a file containing the PEM-encoded private key to use for this domain.

--certificate-path CERT

Path to a file containing the PEM-encoded X.509 certificate for this domain.

--certificate-chain-path CHAIN

Path to a file containing the PEM-encoded X.509 certificate chain for this domain.

  • Quickstart Guide
  • Installation Guide
  • Data Access Admin Guide
  • Domain Guide
  • HTTPS Access to Collections
  • Identity Mapping Admin Guide
  • Globus OIDC Installation Guide
  • Troubleshooting Guide
  • Command-Line Reference
    • Command summary
    • Audit
      • Load
      • Query
      • Dump
    • Endpoint
      • Setup
      • Show
      • Update
      • Reset Advertised Owner String
      • Set Advertised Owner String
      • Set Owner
      • Set Subscription ID
      • Cleanup
      • Key Convert
      • Domain
      • Role
      • Upgrade
    • OIDC
      • Create
      • Delete
      • Register
      • Show
      • Update
    • Node
      • Create
      • Disable
      • Enable
      • New Secret
      • Setup
      • List
      • Show
      • Update
      • Cleanup
      • Delete
    • Login
    • Session
      • Consent
      • Show
      • Update
    • Whoami
    • Logout
    • Storage Gateway
      • Create
      • List
      • Show
      • Update
      • Delete
    • Collection
      • Create
      • List
      • Show
      • Batch Delete
      • Reset Advertised Owner String
      • Set Advertised Owner String
      • Set Owner
      • Set Subscription Admin Verified Collection Property
      • Update
      • Delete
      • Domain
      • Check
      • Role
    • Auth Policy
      • Create
      • List
      • Show
      • Update
      • Delete
    • Sharing Policy
      • Create
      • List
      • Show
      • Delete
    • User Credentials
      • Activescale Create
      • OAuth Create
      • Delete
      • List
      • S3 Create
      • S3 Keys Add
      • S3 Keys Delete
      • S3 Keys Update
    • Self Diagnostic
  • Globus Connect Server Manager API
    • Authorization
    • Versioning
    • Endpoint
    • Roles
    • Nodes
    • Storage Gateways
    • Collections
    • User Credentials
    • Domains
    • Sharing Policies
  • API Access for Portals
  • Automated Endpoint Deployment
  • Data Access Application Guide
  • Application Migration Guide
  • Change Log
© 2010- The University of Chicago Legal Privacy Accessibility