Hello, I have a globus-gridftp-server running on a server. On my client machine, i have a valid certificate, and grid-proxy-init -verify -debug runs successfully. When i try to make a transfer, here is the error i get:
[EMAIL PROTECTED]:~$ globus-url-copy -v -vb -dbg gsiftp://AnIP/etc/issue file:/tmp/foo Source: gsiftp://AnIP/etc/ Dest: file:/tmp/ issue -> foo debug: starting to get gsiftp://AnIP/etc/issue debug: connecting to gsiftp://AnIP/etc/issue debug: response from gsiftp://AnIP/etc/issue: 220 'DNSName' GridFTP Server 2.3 (gcc64, 1144436882-63) ready. debug: authenticating with gsiftp://AnIP/etc/issue debug: fault on connection to gsiftp://AnIP/etc/issue: globus_ftp_control: gss_init_sec_context failed debug: data callback, error globus_ftp_control: gss_init_sec_context failed, buffer 0xb7a9e008, length 0, offset=0, eof=true debug: operation complete error: globus_ftp_control: gss_init_sec_context failed globus_gsi_callback_module: Could not verify credential globus_gsi_callback_module: Error with signing policy globus_gsi_callback_module: Error in OLD GAA code: CA policy violation: <no reason given> Googling, i found some solutions: maybe the regexp in the signing policy file is not matched by the certificate subject. But it is. On the client side, the subject is: /O=Grid/OU=GlobusTest/OU= simpleCA-letsim.let.fr/OU=ish-lyon.cnrs.fr/CN=fhornoy On the server side, here is the signing policy, and the grid-mapfile: ~# cat /etc/grid-security/certificates/661ab999.signing_policy access_id_CA X509 '/O=Grid/OU=GlobusTest/OU= simpleCA-letsim.let.fr/CN=Globus Simple CA' pos_rights globus CA:sign cond_subjects globus '"/O=Grid/OU=GlobusTest/OU= simpleCA-letsim.let.fr/*"' So the subject matches the cond_subjects regexp. There is this line in the grid-mapfile: "/O=Grid/OU=GlobusTest/OU= simpleCA-letsim.let.fr/OU=ish-lyon.cnrs.fr/CN=fhornoy" fhornoy Well, i don't know where this error can come from. Any help welcomed :-) Best regards, Francois.
