Ok, let's go step by step, I'm understanding the question better, but still have some gaps.
On Nov 28, 2007 1:16 PM, Charles Bacon <[EMAIL PROTECTED]> wrote: > On Nov 27, 2007, at 9:47 PM, Wilson Jr. wrote: > > > It was giving error, then I went to try a simple globus-url-copy > > > > I thought my Globus installation it was ok, but when I run: > > > > globus-url-copy gsiftp://localhost:2811/etc/hosts file:///tmp/hosts > > > > error: globus_ftp_control: gss_init_sec_context failed > > GSS Major Status: Unexpected Gatekeeper or Service Name > > globus_gsi_gssapi: Authorization denied: The name of the remote > > host (pc-boys), and the expected name for the remote host > > (localhost) do not match. This happens when the name in the host > > certificate does not match the information obtained from DNS and is > > often a DNS configuration problem. > > > > This must be anything about my /etc/hosts. > > > Instead of using "localhost", why not use pc-boys instead? Ok, I understood why I can't use localhost, but I think there's a error here still: Using "pc-boys", brings me the same error using "localhost". It only worked using the fixed ip in my local network: 192.168.254.2 > > > Seizing the opportunity, Can anyone say me how exactly GT4 expect > > that the /etc/hosts be? > > 'Cause I know GT4 utilizes hosts to setup the simpleCA, probably my > > problem is here. > > Not exactly. SimpleCA doesn't care about /etc/hosts at all. The GSI > clients are the ones that care about hostnames. When you use a > client to connect to a service, the client will: > > 1) Turn the service's address into an IP > 2) Reverse-map the IP to a hostname > 3) Expect to see that hostname in the hostcert > > > Then, I really need to know how exactly must be /etc/hosts to GT4 > > works perfectly. > > I had a headache in the cluster with 5 machines to setup simpleCA, > > exactly because the /etc/hosts > > I always had a error, change the hosts, setup simpleCA and generate > > the certificates again. > > You never need to make a new SimpleCA to solve that problem, only to > create certificates if the hostnames changed. Charles, here I was talking about when I was installing the SimpleCA, depending how was my /etc/hosts, after when I was sign the certificates the DN generated it was for example: /O=Grid/OU=GlobusTest/OU=simpleCA-localhost/CN=Wilson Jr. instead of: /O=Grid/OU=GlobusTest/OU=simpleCA-pc-boys/CN=Wilson Jr., that I think must be the correct. 'Cause this I was making the things int the base of tests , I changed the the /etc/hosts, install the SimpleCa, until I got sign with: simpleCa-pc-boys > > > Then, for the environment with just my machine, how I let the /etc/ > > hosts to GT4 work? > > And I'd like to understand in general, how hosts must be to > > configure in any environment. > > They need to be setup so reverse-lookups of the IP address map to the > name in the certificate. That's easiest to manage if you use the > Fully Qualified Domain Name, because that will work with both DNS > and /etc/hosts. Ok, like I said using "pc-boys" in globus-url-copy still continues the error. Here is my /etc/hosts: 127.0.0.1 localhost loopback pc-boys 192.168.254.2 pc-boys Then I changed the order: 192.168.254.2 pc-boys 127.0.0.1 localhost loopback pc-boys Now, It's working for all :) : 192.168.254.2, pc-boys, localhost, 127.0.0.1 Thanks Charles and Gilbert too. > > What exactly is your OGSA-DAI error? > My OGSA-DAI error it was trying to use the DeliverToGFTP activity. But I'm already in contact with Ally Hume from OGSA-DAI project, he is helping me. Thanks again. Cheers, > > > Charles > -- "É este um mundo no qual devemos esconder nossas virtudes?" Willian Shakespeare **************** Wilson Júnior ****************
