Sending again for list ..
chris
-------- Original Message --------
Subject: Re: [AG-TECH] Requesting a new certificate or running a
VenueServer without.
Date: Thu, 29 May 2014 19:51:04 +1000
From: Christoph Willing <chris.will...@iinet.net.au>
To: Miguel Sáez Llorente <miguelangel.s...@usc.es>
Although the complete authority server infrastructure isn't set up yet,
the core of it is ready. We have a new CA and a mechanism for signing
certificate requests. If you want to use it, the necessary steps
currently are:
1. Download the two CA files from:
http://www.ap-accessgrid.org/CA/
(the README has md5sums for them) and copy them into
/etc/AccessGrid/Config/CAcertificates directory. They will be used
automatically by new users (who don't yet have a ~/.AccessGrid directory
tree). Established users will have to run certmgr3 (certmgr3.py on some
systems), enter "ca" to go into CA mode, then import the .0 file you
just downloaded)
2. Create a certificate request - in a terminal run:
openssl req -newkey rsa:512 -nodes -out cert.csr -keyout cert.key
and answer the questions (leave password empty for server usage). When
complete this will generate 2 files, cert.csr and cert.key (you can give
them more meaningful names if you like). Keep the .key file safe (you'll
need it later) and send the .csr file here (I hope this list allows
attachments) or directly to me. I will sign the request and email your
certificate file (as a .pem file) to you.
3. When you receive the .pem file, copy it to wherever you're keeping
the .key file, then from that directory run certmgr3.py - this time stay
in id mode and then go:
import cert.pem cert.key
(or whatever the names of .pem & .key files are).
4. If you now have multiple id certificates, you'll need to make the new
certificate the default e.g.
default 2
(the number depends on output from certmgr3's list command)
That should be all ..
chris
On 28/05/14 5:35 PM, Miguel Sáez Llorente wrote:
> Hello everyone!
>
> My venue server certificate is about to expire within the next few days.
> I'm trying to request a new certificate but it seems the certificate
> authority server isn't up yet. If it didn't get already fixed i guess it
> won't be soon enough so i'm wondering if there is any way to run a Venue
> Server without a certificate?.
>
> Thanks,
>
------------------------------------------------------------------------------
Time is money. Stop wasting it! Get your web API in 5 minutes.
www.restlet.com/download
http://p.sf.net/sfu/restlet
_______________________________________________
accessgrid-tech mailing list
accessgrid-tech@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/accessgrid-tech
