Forskjell mellom versjoner av «Grid hints»
Fra mn/fys/epf
(→Making LSC files for VOMS servers) |
(→Making LSC files for VOMS servers) |
||
Linje 11: | Linje 11: | ||
* Move the LSC file to /etc/grid-security/vomsdir/<VO>/<vomsServer>.lsc, e.g. <pre>/etc/grid-security/vomsdir/atlas/lcg-voms.cern.ch</pre> | * Move the LSC file to /etc/grid-security/vomsdir/<VO>/<vomsServer>.lsc, e.g. <pre>/etc/grid-security/vomsdir/atlas/lcg-voms.cern.ch</pre> | ||
+ | |||
+ | = Obtaining a grid certificate = | ||
+ | |||
+ | We used to apply for certificates from the [http://ca.nordugrid.org/ NorduGrid Certificate Authority] (CA), but this can be a patience-testing activity. Instead, all registered CERN users have the possibility to apply for a grid certificate from the [https://ca.cern.ch/ca/ CERN CA]. |
Revisjonen fra 13. apr. 2012 kl. 09:14
Making LSC files for VOMS servers
- Create the LSC file: (example)
[read@scalar dulcinea]$ openssl s_client -CApath /etc/grid-security/certificates -prexit -connect lcg-voms.cern.ch:8443 2>/dev/null | grep "issuer\|subject" |sed -e s/^[^=]*=// > lcg-voms.cern.ch.lsc [read@scalar dulcinea]$ cat lcg-voms.cern.ch.lsc /DC=ch/DC=cern/OU=computers/CN=lcg-voms.cern.ch /DC=ch/DC=cern/CN=CERN Trusted Certification Authority
- Move the LSC file to /etc/grid-security/vomsdir/<VO>/<vomsServer>.lsc, e.g.
/etc/grid-security/vomsdir/atlas/lcg-voms.cern.ch
Obtaining a grid certificate
We used to apply for certificates from the NorduGrid Certificate Authority (CA), but this can be a patience-testing activity. Instead, all registered CERN users have the possibility to apply for a grid certificate from the CERN CA.