The problem is not with a certificate the user 'globus' uses but with a
host certificate of the machine gridserver. A subject of the certificate
does not match a hostname/ip address returned by a resolver. Please,
check the subject:
$ openssl x509 -noout -subject -in /etc/grid-security/hostcert.pem
You need to generate a new host certificate request:
$ grid-cert-request -host <FQDN>
Sign it and put into /etc/grid-security.
Lukasz
On 4/17/11 9:26 AM, tariq adnan wrote:
Hi Lukasz,
when I execute (globus-url-copy) i have following below output, did
the output mean that i have problem in host certificate name, and
please how can I change certificate name. THANKS.
[globus@gridserver ~]$ grid-cert-info -subject
/O=Grid/OU=GlobusTest/OU=simpleCA-gridserver/CN=globus
[globus@gridserver ~]$ whoami
globus
[globus@gridserver ~]$ globus-url-copy -vb
gsiftp://gridserver:5000/etc/issue gsiftp://gridserver:5000/tmp/foo
Source: gsiftp://gridserver:5000/etc/
Dest: gsiftp://gridserver:5000/tmp/
issue -> foo
error: globus_ftp_control: gss_init_sec_context failed
GSS Major Status: Unexpected Gatekeeper or Service Name
globus_gsi_gssapi: Authorization denied: The expected name for the
remote host (host@gridserver) does not match the authenticated name of
the remote host (globus). This happens when the name in the host
certificate does not match the information obtained from DNS and is
often a DNS configuration problem.
[globus@gridserver ~]$
--- On *Mon, 4/11/11, Lukasz Lacinski /<[email protected]>/* wrote:
From: Lukasz Lacinski <[email protected]>
Subject: Re: About globus-url-copy
To: "tariq adnan" <[email protected]>
Cc: "gt-user" <[email protected]>
Date: Monday, April 11, 2011, 3:01 AM
Hi Tariq,
The hostname gridserver you specified to transfer data from
gsiftp://gridserver/etc/issue is not resolvable. You can use an IP
address of that machines or add an appropriate record to
/etc/hosts (look at the manual: man 5 hosts).
Please, look what you get when you execute:
[globus@gridserver ~]$ host gridserver
or
[globus@gridserver ~]$ host --fqdn gridserver
Regards,
Lukasz
On 4/10/11 9:51 PM, tariq adnan wrote:
Dear lukasz,
After proxy was successfully created and activated, I want to
execute (globus-url-copy) command, but I have error, now I'm
assuming my PC works as server and client at the same time, thanks:
[globus@gridserver ~]$ globus-gridftp-server -p 2811 -S
[globus@gridserver ~]$ globus-url-copy -vb
gsiftp://gridserver/etc/issue file:/tmp/foo
Source: gsiftp://gridserver/etc/
Dest: file:/tmp/
issue -> foo
error: globus_xio: Unable to connect to gridserver:2811
globus_xio: globus_libc_getaddrinfo failed.
globus_common: Name or service not known
