On Tue, Aug 12, 2008 at 4:37 PM, Joseph Bester <[EMAIL PROTECTED]> wrote: > On Aug 12, 2008, at 8:06 AM, I8abyte wrote: >> >> My root CA has a pathlen of "3" and my second-level CA has a pathlen >> "2". My personal cert does not have a pathlen set and never has any >> of my proxy certs displayed one. >> >> BTW, thanks for your help so far! > > I've tried creating a CA with pathlen constraint and generated proxies > beyond that level without problems (with a few different openssl versions). > Note that the callback code is a bit openssl version-dependent and must be > compiled and run against the same openssl version. > > I'd be interested in seeing the output from setting the environment variable > GLOBUS_GSI_CALLBACK_DEBUG_LEVEL to 3 in the app which is failing. > > Joe >
The callback code and openssl version sounds like an interesting lead ... I'll dig around on it but when you say it's version dependent is there specific version or range of openssl versions that are required? I may have compiled against an 0.9.8x version. Here's a naive question ... how do I use GLOBUS_GSI_CALLBACK_DEBUG_LEVEL with 'globus-crft', is there a doc or something you can point me to? I'm just aiming to get a standalone GridFTP/RFT service going with the new 'globus-crft' utility at this point so I'm not sure how to employ GLOBUS_GSI_CALLBACK_DEBUG_LEVEL with that. Ben--
