On Tue, Aug 12, 2008 at 10:17 AM, Charles Bacon <[EMAIL PROTECTED]> wrote:
> Any chance you have grid-proxy-init aliased? Check "type -a
> grid-proxy-init".
I'm 100% sure, I installed this from scratch myself and no one else
would have known, let alone bothered to alias it. Here's the output:
grid-proxy-init is /opt/globus/4.2.0/bin/grid-proxy-init
>
> The output you showed looks a little bit like what happens if I run
> "grid-proxy-init -draft". Then my extensions are:
> X509v3 extensions:
> X509v3 Key Usage: critical
> Digital Signature, Key Encipherment, Data Encipherment
> 1.3.6.1.4.1.3536.1.222: critical
> 0.0
> ..+.......
>
> If I add a path-length, you can see that the row of dots gets longer:
> X509v3 extensions:
> X509v3 Key Usage: critical
> Digital Signature, Key Encipherment, Data Encipherment
> 1.3.6.1.4.1.3536.1.222: critical
> 0.0
> ..+............
Odd, mine does not increment like yours, check this out:
(no grid-proxy-init options set on the CLI):
X509v3 extensions:
X509v3 Key Usage: critical
Digital Signature
1.2.6.1.5.5.7.1.14: critical
0....0
..+.......
(with "-rfc" only):
X509v3 extensions:
X509v3 Key Usage: critical
Digital Signature
1.2.6.1.5.5.7.1.14: critical
0....0
..+.......
(with "-rfc -path-length <N>" where N is any number):
X509v3 extensions:
X509v3 Key Usage: critical
Digital Signature
1.2.6.1.5.5.7.1.14: critical
0....0
..+.......
See that? At no point does it change. Any ideas what's up with that?
>
> Whereas "grid-proxy-init -rfc -path-length 2" gets me:
> X509v3 extensions:
> X509v3 Key Usage: critical
> Digital Signature, Key Encipherment, Data Encipherment
> Proxy Certificate Information: critical
> Path Length Constraint: 02
> Policy Language: Inherit all
>
> Anything change for you if you add -rfc?
No change at all, it's the same output as above every time.
>
>
> Charles
