One correction. A proxy delegated to that machine is somehow useless.
Lukasz
On May 14, 2010, at 10:44 PM, Lukasz Lacinski wrote:
Got it. The problem is when we try to use a proxy that is a delegated proxy
generated from delegated proxy.
Lukasz
On May 14, 2010, at 10:30 PM, Lukasz
Hi Jim,
I got the same issue with gsissh and GridFTP on a machine I maintain. I
discovered that this hash, we do not know where comes from, is a hash of his
personal certificate. I asked Luis to extract a CA certificate from his proxy
credential and generate a hash. I'm 100% sure that if he
Got it. The problem is when we try to use a proxy that is a delegated proxy
generated from delegated proxy.
Lukasz
On May 14, 2010, at 10:30 PM, Lukasz Lacinski wrote:
One correction. It's a hash of proxy certificate.
Lukasz
On May 14, 2010, at 10:17 PM, Lukasz Lacinski wrote:
Hi
Hi Luis,
Everytime when you gsissh to a remote machine then a proxy credential is
delegated, so you can use that delegated credential to gsissh from a remote
machine to a next machine. When you jump that way from one machine to another
one you create a chain of credentials (look at the picture
Hi,
No, the hash of these CA's is:
- openssl x509 -hash -noout /etc/grid-security/certificates/6c72648e.0
6c72648e
- openssl x509 -hash -noout /etc/grid-security/certificates/fa9133d3.0
fa9133d3
And the openssl version is:
OpenSSL 0.9.7d 17 Mar 2004
Regads,
Luis
El mar, 04-05-2010 a las
Hi Luis,
My idea is to investigate how it's possible that the hash of required CA is
aacc0995. To find it out I would consider two approaches:
1. When you submit a job and get the error about the CA certificate with the
hash aacc0995, please execute
$ grid-proxy-info
to determine a location
Hi Lukasz,
El mié, 05-05-2010 a las 03:20 -0500, Lukasz Lacinski escribió:
Hi Luis,
My idea is to investigate how it's possible that the hash of required CA is
aacc0995. To find it out I would consider two approaches:
1. When you submit a job and get the error about the CA certificate
Hello,
I have some problems to execute a basic globusrun-ws command. When I
execute:
globusrun-ws -submit -c /bin/hostname
The output is:
Submitting job...Failed.
globusrun-ws: Error submitting job
OpenSSL Error: s3_clnt.c:842: in library: SSL routines, function
SSL3_GET_SERVER_CERTIFICATE:
Hello,
I have some problems to execute a basic globusrun-ws command. When I
execute:
globusrun-ws -submit -c /bin/hostname
The output is:
Submitting job...Failed.
globusrun-ws: Error submitting job
OpenSSL Error: s3_clnt.c:842: in library: SSL routines, function
SSL3_GET_SERVER_CERTIFICATE:
The command globusrun-ws verifies the authenticity of GRAM4 service you submit
a job to. To do that the command globusrun-ws search in
$HOME/.globus/certificates or in /etc/grid-security/certificates for the
certificate of the Certificate Authority that signed the GRAM4 service
certificate.
Hi,
Did one of these CAs (6c72648e, fa9133d3) issued the user certificate that you
use to submit a job? Definitely, you use somewhere a certificate issued by a CA
with hash aacc0995.
Regards,
Lukasz
On May 4, 2010, at 7:38 AM, Luis wrote:
Hello,
That is what I firstly though. However,
If by any chance you're using OpenSSL 1.0.0, likely your CA files were
named using the new OpenSSL hash algorithm, whereas the Globus Java
components are looking for CA files using the old hash names. In that
case, you may find the documentation at
http://www.cilogon.org/openssl1 helpful for
On May 4, 2010, at 7:38 AM, Luis wrote:
Hello,
That is what I firstly though. However, in
the /etc/grid-security/certificates directory I have the next files:
-rw-r--r-- 1 root root 1,4K may 3 13:39 grid-security.conf.6c72648e
-rw-r--r-- 1 root root 2,8K may 3 13:39
13 matches
Mail list logo