Hello everybody,
I am using a CA that was created wit the steps that appear in the chapter 7 of http://www.globus.org/toolkit/docs/4.0/admin/docbook/ch07.html#simpleca-usercert In some place of your document I dont understand the note: 1.3. Host certificatesYou must request and sign a host certificate and then copy it into the appropriate directory for secure services. The certificate must be for a machine which has a consistent name in DNS; you should not run it on a computer using DHCP, where a different name could be assigned to your computer. 1.3.1. 3.1 Request a host certificateAs root, run:grid-cert-request -host 'hostname'This creates the following files: /etc/grid-security/hostkey.pem /etc/grid-security/hostcert_request.pem (an empty) /etc/grid-security/hostcert.pem Note: If you are using your own CA, follow their instructions about creating a hostcert (one which has a commonName (CN) of your hostname), then place the cert and key in the /etc/grid-security/ location. You may then proceed to Section 1.4, “User certificates”. <<<<<<<<<<------ here################# I dont understand the note . I mean, I have my own CA, and I need a hostcert for a machine that is not the CA's machine. I show you the procedures but I dont understand the correct, could you help me? Procedure 1: I stay in the CA's machine and create the hostcert with the command grid-cert-request and then I firm it. Later I send the certificate to the other machine.############## Procedure 2: Or I stay in the other machine and create the hostcert with command grid-cert-request and then send it to the CA's machine, later firm on the CA's machine and send back the firmed certificate to the other machine. Which of above procedures are correct? Thanks
