diff --git a/src/cli/one_helper/oneuser_helper.rb b/src/cli/one_helper/oneuser_helper.rb
index 05255add83..c0033c8e9f 100644
--- a/src/cli/one_helper/oneuser_helper.rb
+++ b/src/cli/one_helper/oneuser_helper.rb
@@ -95,10 +95,34 @@ class OneUserHelper < OpenNebulaHelper::OneHelper
 options[:key] ||= ENV['X509_USER_KEY']
 begin
- auth = X509Auth.new(:cert=>options[:cert], :key=>options[:key])
+ certs = Array.new
+ certs[0] = File.read(options[:cert])
+
+ key = File.read(options[:key])
+
+ auth = X509Auth.new(:cert=>certs, :key=>key)
 rescue Exception => e
 return -1, e.message
 end
+ elsif options[:x509_proxy]
+ require 'x509_auth'
+
+ options[:proxy] ||= ENV['X509_PROXY_CERT']
+
+ begin
+ proxy = File.read(options[:proxy])
+
+ rc = proxy.scan(/-+BEGIN CERTIFICATE-+\n([^-]*)\n-+END CERTIFICATE-+/)
+ certs = rc.flatten!
+
+ rc = proxy.match(/-+BEGIN RSA PRIVATE KEY-+\n([^-]*)\n-+END RSA PRIVATE KEY-+/)
+
+ key = rc[1]
+
+ auth = X509Auth.new(:cert=>certs, :key=>key)
+ rescue => e
+ return -1, e.message
+ end
 else
 return -1, "You have to specify an Auth method"
 end
diff --git a/src/cli/oneuser b/src/cli/oneuser
index 2273562ed7..4beb1bb7a2 100755
--- a/src/cli/oneuser
+++ b/src/cli/oneuser
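Review bot: In oneuser_helper.rb the new `--x509_proxy` branch uses the parsed proxy without checking it: `rc.flatten!` returns nil when `scan` found no CERTIFICATE block, so `:cert=>nil` reaches `X509Auth.new`, and `rc[1]` raises NoMethodError when there is no RSA PRIVATE KEY block. The same happens when neither `--proxy` nor `X509_PROXY_CERT` is set and `File.read(nil)` fails, so in each case the user gets an interpreter message instead of a statement that the proxy file is missing or malformed. The fence below uses the non-bang `flatten`, rejects an empty chain or a missing key explicitly, and checks the path before reading. Two things to confirm separately: the key pattern only accepts the `RSA PRIVATE KEY` header, and the file holds a private key but is read without checking that it is readable by its owner only. The enclosing method starts and ends outside the hunk, and `X509Auth` is not visible here.

```ruby
options[:proxy] ||= ENV['X509_PROXY_CERT']

if options[:proxy].nil?
    return -1, "No proxy file given: use --proxy or set X509_PROXY_CERT"
end

begin
    proxy = File.read(options[:proxy])

    certs = proxy.scan(/-+BEGIN CERTIFICATE-+\n([^-]*)\n-+END CERTIFICATE-+/).flatten
    key   = proxy.match(/-+BEGIN RSA PRIVATE KEY-+\n([^-]*)\n-+END RSA PRIVATE KEY-+/)

    if certs.empty? || key.nil?
        return -1, "Proxy file must contain a certificate chain and an RSA private key"
    end

    auth = X509Auth.new(:cert=>certs, :key=>key[1])
# … unchanged: rescue => e / return -1, e.message / end …
```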
@@ -68,24 +68,37 @@ cmd=CommandParser::CmdParser.new(ARGV) do
 X509={
 :name => "x509",
 :large => "--x509",
- :description => "x509 Auth system"
+ :description => "x509 Auth system for x509 certificates"
+ }
+
+ X509_PROXY={
+ :name => "x509_proxy",
+ :large => "--x509_proxy",
+ :description => "x509 Auth system based on x509 proxy certificates"
 }
 KEY={
 :name => "key",
- :short => "-k private_key",
- :large => "--key private_key",
+ :short => "-k path_to_private_key_pem",
+ :large => "--key path_to_private_key_pem",
 :format => String,
 :description => "Path to the Private Key of the User"
 }
 CERT={
 :name => "cert",
- :large => "--cert s",
+ :large => "--cert path_to_user_cert_pem",
 :format => String,
 :description => "Path to the Certificate of the User"
 }
+ PROXY={
+ :name => "proxy",
+ :large => "--proxy path_to_user_proxy_pem",
+ :format => String,
+ :description => "Path to the user proxy certificate"
+ }
+
 TIME={
 :name => "time",
 :large => "--time x",
@@ -94,7 +107,7 @@ cmd=CommandParser::CmdParser.new(ARGV) do
 }
 create_options = [READ_FILE, PLAIN, SSH, X509, KEY, CERT]
- login_options = [SSH, X509, KEY, CERT, TIME]
+ login_options = [SSH, X509, X509_PROXY, KEY, CERT, PROXY, TIME]
 ########################################################################
 # Formatters for arguments
@@ -152,6 +165,8 @@ cmd=CommandParser::CmdParser.new(ARGV) do
 oneuser login my_user --ssh --key /tmp/id_rsa --time 72000
 oneuser login my_user --x509 --cert /tmp/my_cert.pem \
 --key /tmp/my_key.pk --time 72000
+ oneuser login my_user --x509_proxy --proxy /tmp/my_cert.pem \
+ --time 72000
 EOT
 command :login, login_desc, :username, [:password, nil],
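Review bot: The `PROXY` description, "Path to the user proxy certificate", does not say that the file must also contain the RSA private key, which the helper in this commit reads from the same file. I would reword it to `:description => "Path to the user proxy file (certificate chain and RSA private key)"`. `login_options` now accepts `--x509` and `--x509_proxy` together, along with `--key` and `--cert`, and the help text does not say which one wins or that `--key`/`--cert` appear to be unused with `--x509_proxy`; a line in the login description stating this would save users from guessing. The new usage example also passes `/tmp/my_cert.pem` as the proxy, the same name the `--x509` example uses for a plain certificate, so a distinct file name would make clear that the proxy is a different, key-bearing file.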