Once a year, you must renew your personal X.509 user certificate. You will receive renewal notices by email when the time comes. Once you have gone through their process to get the new certificate, you must install it properly. The instructions that follow assume you have your new certificate loaded into your web browser.
.p12file to a CSL machine
openssl pkcs12 -in <CERT_P12_FILE> -clcerts -nokeys -out $HOME/.globus/usercert.pem
openssl pkcs12 -in <CERT_P12_FILE> -nocerts -out $HOME/.globus/userkey.pem
chmod 0644 $HOME/.globus/usercert.pem chmod 0400 $HOME/.globus/userkey.pem
userkey.pemfiles to other machines as needed