Forskjell mellom versjoner av «Grid hints»
Fra mn/fys/epf
(→Making LSC files for VOMS servers) |
m (Added hints for setupATLAS and in particular voms-proxy-init) |
||
Linje 1: | Linje 1: | ||
− | = | + | == Voms-proxy-init on our (ATLAS, Linux) desktops == |
+ | * somewhere in your linux setup file (e.g. ~/.envir for a UiO desktop): export ATLAS_LOCAL_ROOT_BASE=/cvmfs/atlas.cern.ch/repo/ATLASLocalRootBase alias setupATLAS="source ${ATLAS_LOCAL_ROOT_BASE}/user/atlasLocalSetup.sh" | ||
+ | * setupATLAS | ||
+ | * lsetup rucio | ||
+ | * voms-proxy-init should now be available | ||
+ | == Making LSC files for VOMS servers == | ||
* Create the LSC file: (example) | * Create the LSC file: (example) | ||
<pre> | <pre> | ||
Linje 12: | Linje 17: | ||
* Move the LSC file to /etc/grid-security/vomsdir/<VO>/<vomsServer>.lsc, e.g. <pre>/etc/grid-security/vomsdir/atlas/lcg-voms.cern.ch</pre> | * Move the LSC file to /etc/grid-security/vomsdir/<VO>/<vomsServer>.lsc, e.g. <pre>/etc/grid-security/vomsdir/atlas/lcg-voms.cern.ch</pre> | ||
− | = Obtaining a grid certificate = | + | == Obtaining a grid certificate == |
− | + | We used to apply for certificates from the [http://ca.nordugrid.org/ NorduGrid Certificate Authority] (CA), but this can be a patience-testing activity. Instead, all registered CERN users have the possibility to apply for a grid certificate from the [https://ca.cern.ch/ca/ CERN CA]. | |
− | We used to apply for certificates from the [http://ca.nordugrid.org/ NorduGrid Certificate Authority] (CA), but this can be a patience-testing activity. Instead, all registered CERN users have the possibility to apply for a grid certificate from the [https://ca.cern.ch/ca/ |
Nåværende revisjon fra 9. nov. 2018 kl. 14:13
Voms-proxy-init on our (ATLAS, Linux) desktops
- somewhere in your linux setup file (e.g. ~/.envir for a UiO desktop): export ATLAS_LOCAL_ROOT_BASE=/cvmfs/atlas.cern.ch/repo/ATLASLocalRootBase alias setupATLAS="source ${ATLAS_LOCAL_ROOT_BASE}/user/atlasLocalSetup.sh"
- setupATLAS
- lsetup rucio
- voms-proxy-init should now be available
Making LSC files for VOMS servers
- Create the LSC file: (example)
[read@scalar dulcinea]$ openssl s_client -CApath /etc/grid-security/certificates -prexit -connect lcg-voms.cern.ch:8443 2>/dev/null | grep "issuer\|subject" |sed -e s/^[^=]*=// > lcg-voms.cern.ch.lsc [read@scalar dulcinea]$ cat lcg-voms.cern.ch.lsc /DC=ch/DC=cern/OU=computers/CN=lcg-voms.cern.ch /DC=ch/DC=cern/CN=CERN Trusted Certification Authority
- Move the LSC file to /etc/grid-security/vomsdir/<VO>/<vomsServer>.lsc, e.g.
/etc/grid-security/vomsdir/atlas/lcg-voms.cern.ch
Obtaining a grid certificate
We used to apply for certificates from the NorduGrid Certificate Authority (CA), but this can be a patience-testing activity. Instead, all registered CERN users have the possibility to apply for a grid certificate from the CERN CA.