In reading about the mit pkinit implementation
http://k5wiki.kerberos.org/wiki/Pkinit_configuration
i had some issues / questions on how to sign a globus certificate with
the additional extensions and not destroying the globus extensions. I am
using a adjusted version of the
when i do a grid-cert-info with the kerberized credential
...
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Extended Key Usage:
1.3.6.1.5.2.3.4
X509v3 Key Usage: critical
Digital Signature, Key
On 5/31/11 9:35 AM, Amitav Mohanty wrote:
I was wondering why without adding any lines to hosts.allow and
hosts.deny I can have credentials exchanged successfully when both the
server and the client are started on different terminals.
If you run the myproxy-server outside of xinetd, then
Hi
On 06/01/2011 01:41 AM, Lukasz Lacinski wrote:
For some reason you use a host credential (CN=host/fool.man.machine) instead
of a user credential. It is unusual but it should work if you add the
following mapping between this DN and an existing local username to the file
On 06/01/2011 01:41 AM, Lukasz Lacinski wrote:
How did this happen that you use the host credential as a user credential? How
did you get/generate that credential?
Lukasz
In my /home/dknight/.globus/simpleCA/newcerts folder I have 4 files whose
subjects are as follows:
01.pem
Subject: