die 12/09/07, ad 16h53, Fabian Lueghausen <[EMAIL PROTECTED]> dixit : > When I try to invoke the CounterService I get this (client on my local > machine): > > [EMAIL PROTECTED] ~]$ counter-client -s > https://ingrid:9000/wsrf/services/CounterService > > Error: ; nested exception is: > org.globus.common.ChainedIOException: Authentication > failed [Causedby: Failure unspecified at GSS-API level [Caused > by: Bad certificate (The signature of > 'O=Grid,OU=GlobusTest,OU=simpleCA- > ingrid.scai.fraunhofer.de,CN=host/ingrid.scai.fraunhofer.de' > certificate does not match its issuer)]] (*) ... > No I'm wondering about the certificate marked with (*). Don't know why
This is the key of you host, key which should be certified by the CA.
The keys of the host are in /etc/grid-security on the server. They
are not the same than the keys of the CA (which you don't see most
of the time) and different from yours (which are in .globus).
All the keys should be certified by the CA and the CA public key
(something like 6e39ff11.0) should be in ~/.globus/certificates for
the user (not mandatory) and in /etc/grid-security/certificates.
Olivier.
ps: your client uses the hosts certificate to check if the host
is the one it pretends to be (if not, you refuse to use it!)
signature.asc
Description: Digital signature
