On Nov 27, 2007, at 9:47 PM, Wilson Jr. wrote:
It was giving error, then I went to try a simple globus-url-copy
I thought my Globus installation it was ok, but when I run:
globus-url-copy gsiftp://localhost:2811/etc/hosts file:///tmp/hosts
error: globus_ftp_control: gss_init_sec_context failed
GSS Major Status: Unexpected Gatekeeper or Service Name
globus_gsi_gssapi: Authorization denied: The name of the remote
host (pc-boys), and the expected name for the remote host
(localhost) do not match. This happens when the name in the host
certificate does not match the information obtained from DNS and is
often a DNS configuration problem.
This must be anything about my /etc/hosts.
Instead of using "localhost", why not use pc-boys instead?
Seizing the opportunity, Can anyone say me how exactly GT4 expect
that the /etc/hosts be?
'Cause I know GT4 utilizes hosts to setup the simpleCA, probably my
problem is here.
Not exactly. SimpleCA doesn't care about /etc/hosts at all. The GSI
clients are the ones that care about hostnames. When you use a
client to connect to a service, the client will:
1) Turn the service's address into an IP
2) Reverse-map the IP to a hostname
3) Expect to see that hostname in the hostcert
Then, I really need to know how exactly must be /etc/hosts to GT4
works perfectly.
I had a headache in the cluster with 5 machines to setup simpleCA,
exactly because the /etc/hosts
I always had a error, change the hosts, setup simpleCA and generate
the certificates again.
You never need to make a new SimpleCA to solve that problem, only to
create certificates if the hostnames changed.
Then, for the environment with just my machine, how I let the /etc/
hosts to GT4 work?
And I'd like to understand in general, how hosts must be to
configure in any environment.
They need to be setup so reverse-lookups of the IP address map to the
name in the certificate. That's easiest to manage if you use the
Fully Qualified Domain Name, because that will work with both DNS
and /etc/hosts.
What exactly is your OGSA-DAI error?
Charles
