globus-connect-server - Configuration file for Globus Connect Server


This page describes the fields in the Globus Connect Server configuration file

[Globus] Section

This configuration section configures how to contact Globus when creating or modifying an endpoint.


The Client ID of the Globus Connect Server. This is created using the application located at and selecting the New GCS option


The Client Secret of the Globus Connect Server. This is created using the application located at and selecting the New GCS option

[Endpoint] Section

Set these if you want to add or modify the core attributes of the endpoint.


Display name of the endpoint. The special value %(SHORT_HOSTNAME)s will substitute the first segment of the current machine’s public hostname,



The public hostname of the GCS server. The special value of %(HOSTNAME)s will use the hostname of the current machine.

ServerName = %(HOSTNAME)s

[LetsEncrypt] Section

This section configures the interaction with the Let’s Encrypt service.


The user must supply an email address for LetsEncrypt.


The user must explicitly agree to the Lets Encrypt Terms of Service. If not set to True, the globus-connect-server-setup scripts will provide a link to so user can view and acknowledge the ToS.

AgreeToS = False

[GridFTP] Section

This section configures a GridFTP server. It can be processed on the GridFTP server host to generate a GridFTP configuration file, and on that or any other host to add a GridFTP server to an endpoint


Port range to use for incoming connections. The format is startport,endport. If not set, this will default to 50000,51000

IncomingPortRange = 50000, 51000


Port range to use for outgoing connections. The format is startport,endport. Only use this if your firewall restricts outgoing ports and gridftp won’t work otherwise. The default is not restrict outgoing TCP ports.


Hostname or IP address of the interface to use for data connections. If not set in this file, then the default behavior is: - When run on an EC2 instance, the data interface will be automatically configured to use the public ipv4 address of the instance. - When run on a non-EC2 instance, if [Endpoint].ServerName is set, then that value is used. If this resolves to a private IP address, a warning will be issued. - Otherwise, this will not be set, and the gridftp server will tell clients to connect to the IP address that the control connection was established on.


Require an encrypted data connection for all transfers. Transfers attempted without encryption will result in error.

RequireEncryption = False

© 2010- The University of Chicago Legal