Creating the active certificates, for grid-proxy-init -verify -debug User Cert File: /space/users/globus/.globus/usercert.pem User Key File: /space/users/globus/.globus/userkey.pem Trusted CA Cert Dir: /etc/grid-security/certificates Output File: /tmp/x509up_u1030 Your identity: /O=Grid/OU=GlobusTest/OU=simpleCA-semantic.info.bt.co.uk/OU=info.bt.co.u k/CN=globus development Enter GRID pass phrase for this identity: Creating proxy ................++++++++++++ .....................++++++++++++ Done Proxy Verify OK Your proxy is valid until: Wed Aug 29 01:04:06 2007
The url copy then gives the error message of globus-url-copy gsiftp://semantic.info.bt.co.uk/etc/passwd file:///tmp/x.y error: globus_ftp_client: the server responded with an error 530 530-Login incorrect. : globus_gss_assist: Gridmap lookup failure: Could not map /O=Grid/OU=GlobusTest/OU=simpleCA-semantic.info.bt.co.uk/OU=info.bt.co.u k/CN=globus development 530- 530 End. semantic% Nicholas J. Kings (Nick) Senior Researcher Next Generation Web Research, BT Group Chief Technology Office ________________________________ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: 28 August 2007 12:43 To: [email protected] Subject: [gt-user] Installing GT4 on a Solaris machine. Mismatched DNS All, Can some please help explain the situation, and provide clues? I am installing GT4 on a Solaris machine that has two different names mapped to the same IP address. What is the sequence of mapping a name here? $ grid-proxy-init -debug -verify User Cert File: /space/users/globus/.globus/usercert.pem User Key File: /space/users/globus/.globus/userkey.pem Trusted CA Cert Dir: /etc/grid-security/certificates Output File: /tmp/x509up_u1030 Your identity: /O=Grid/OU=GlobusTest/OU=simpleCA-btbreakfastclub.dev.bt.com/CN=globus development Enter GRID pass phrase for this identity: Creating proxy ..........++++++++++++ ......................++++++++++++ Done Proxy Verify OK Your proxy is valid until: Wed Aug 29 00:29:44 2007 Seems to work fine, however, I get the following error messages. $ . /space/applications/globus/etc/globus-user-env.sh $ globus-url-copy gsiftp://semantic/etc/passwd file:///tmp/x.y <file:///tmp/x.y> error: globus_ftp_control: gss_init_sec_context failed GSS Major Status: Unexpected Gatekeeper or Service Name globus_gsi_gssapi: Authorization denied: The name of the remote host (btbreakfastclub.dev.bt.com), and the expected name for the remote host (semantic.info.bt.co.uk) do not match. This happens when the name in the host certificate does not match the information obtained from DNS and is often a DNS configuration problem. $ globus-url-copy gsiftp://btbreakfastclub.dev.bt.com/etc/passwd file:///tmp/x.y <file:///tmp/x.y> error: globus_ftp_control: gss_init_sec_context failed GSS Major Status: Unexpected Gatekeeper or Service Name globus_gsi_gssapi: Authorization denied: The name of the remote host (btbreakfastclub.dev.bt.com), and the expected name for the remote host (semantic.info.bt.co.uk) do not match. This happens when the name in the host certificate does not match the information obtained from DNS and is often a DNS configuration problem. # But... When creating an appropriate set of certificates, with the OU set to OU=simpleCA-semantic.info.bt.co.uk, globus-url-copy works, I get the error message of: counter-client -s https://semantic.info.bt.co.uk:8443/wsrf/services/CounterService <https://semantic.info.bt.co.uk:8443/wsrf/services/CounterService> -debug AxisFault faultCode: {http://schemas.xmlsoap.org/soap/envelope/}Server.userException <http://schemas.xmlsoap.org/soap/envelope/%7dServer.userException> faultSubcode: faultString: GSSException: Failure unspecified at GSS-API level [Caused by: semantic.info.bt.co.uk: semantic.info.bt.co.uk] faultActor: faultNode: faultDetail: {http://xml.apache.org/axis/}stackTrace:Failure <http://xml.apache.org/axis/%7dstackTrace:Failure> unspecified at GSS-API level. Caused by java.net.UnknownHostException: semantic.info.bt.co.uk: semantic.info.bt.co.uk at java.net.InetAddress.getAllByName0(InetAddress.java:1128) Nicholas J. Kings (Nick) Senior Researcher Next Generation Web Research, BT Group Chief Technology Office _____ British Telecommunications plc Registered office: 81 Newgate Street London EC1A 7AJ Registered in England no. 1800000 This electronic message contains information from British Telecommunications plc which may be privileged or confidential. The information is intended to be for the use of the individual(s) or entity named above. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information is prohibited. If you have received this electronic message in error, please notify us by telephone or email (to the numbers or address above) immediately. Activity and use of the British Telecommunications plc email system is monitored to secure its effective operation and for other lawful business purposes. Communications using this system will also be monitored and may be recorded to secure effective operation and for other lawful business purposes.
