I am posting the message below on behalf of my colleague Neha Sharma (n...@fnal.gov)
Hi DOEGrids recently added the following new critical extension in the host certificate they issued - "X509v3 Extended Key Usage: critical TLS Web Server Authentication, TLS Web Client Authentication" When we upgraded the host certificate on our gatekeeper node, so that it had the above extension, the gatekeeper failed to authenticate itself with the Site Authorization Service (SAZ) The exception we are seeing is below: "Exception org.globus.common.ChainedIOException: Authentication failed [Caused by: Defective credential detected [Caused by: [JGLOBUS-95] Unsuppored critical exception : "2.5.29.37"]]" Upon googling it, I noticed a bugzilla entry which is similar to what we are seeing, however I do not see any resolution http://bugzilla.globus.org/globus/show_bug.cgi?id=3299 SAZ is using cog-jglobus-1.7.0.jar, which I believe is the latest version. Also I have confirmed that the cryptix32.jar and cryptix- asn1.jar are the latest that globus provides. The exact point where the above exception gets thrown is when SAZ attempts to read data from the input stream of the client socket Is this a known problem? Was the above bug ever resolved? Any input you can provide is greatly appreciated. -Neha