[gt-user] Globus-simple-ca sign and mit kerberos with pkinit

In reading about the mit pkinit implementation http://k5wiki.kerberos.org/wiki/Pkinit_configuration i had some issues / questions on how to sign a globus certificate with the additional extensions and not destroying the globus extensions. I am using a adjusted version of the

Re: [gt-user] Globus-simple-ca sign and mit kerberos with pkinit

when i do a grid-cert-info with the kerberized credential ... Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Extended Key Usage: 1.3.6.1.5.2.3.4 X509v3 Key Usage: critical Digital Signature, Key

Re: [gt-user] help regarding globus-url-copy

On 5/31/11 9:35 AM, Amitav Mohanty wrote: I was wondering why without adding any lines to hosts.allow and hosts.deny I can have credentials exchanged successfully when both the server and the client are started on different terminals. If you run the myproxy-server outside of xinetd, then

Re: [gt-user] help regarding globus-url-copy

Hi On 06/01/2011 01:41 AM, Lukasz Lacinski wrote: For some reason you use a host credential (CN=host/fool.man.machine) instead of a user credential. It is unusual but it should work if you add the following mapping between this DN and an existing local username to the file

Re: [gt-user] help regarding globus-url-copy

On 06/01/2011 01:41 AM, Lukasz Lacinski wrote: How did this happen that you use the host credential as a user credential? How did you get/generate that credential? Lukasz In my /home/dknight/.globus/simpleCA/newcerts folder I have 4 files whose subjects are as follows: 01.pem Subject: