[gt-user] auth problem in gt421

Tue, 22 Nov 2011 09:44:25 -0800 

I did a myproxy-init in a non-root session, but whit the myproxy service
running in root session:

----------------------------------------------------------------------
www-data@cliente:/tmp$ myproxy-init -C cert.pem -y key.pem -l admin_ca
----------------------------------------------------------------------

this was the output:

-----------------------------
Your identity: "my subjectDN"

Creating proxy
........................................................................ Done
Proxy Verify OK
Your proxy is valid until: Fri Nov 25 13:16:35 2011
Error authenticating: GSS Major Status: Authentication Failed
GSS Minor Status Error Chain:
globus_gss_assist: Error during context initialization
globus_gsi_gssapi: Unable to verify remote side's credentials
globus_gsi_gssapi: Unable to verify remote side's credentials: Couldn't
verify the remote certificate
OpenSSL Error: s3_pkt.c:1102: in library: SSL routines, function
SSL3_READ_BYTES: sslv3 alert bad certificate SSL alert number 42
----------------------------------------------------------------

whit the correspondent /var/log/syslog output:

--------------------------------------------------------------------------
Nov 18 13:16:33 cliente myproxy-server[3699]: Connection from 127.0.1.1
Nov 18 13:16:35 cliente myproxy-server[3699]: Error authenticating client:
GSS Major Status: Authentication Failed GSS Minor Status Error Chain:
globus_gsi_gssapi: SSLv3 handshake problems OpenSSL Error: s3_srvr.c:2602:
in library: SSL routines, function SSL3_GET_CLIENT_CERTIFICATE: no
certificate returned globus_gsi_callback_module: Could not verify
credential globus_gsi_callback_module: Can't get the local trusted CA
certificate: Cannot find trusted CA certificate with hash 52edec22 in
/etc/grid-security/certificates
Nov 18 13:16:35 cliente myproxy-server[3699]: Exiting: authentication failed
----------------------------------------------------------------------------

why myproxy is creating a hash of the certificate from which I want to
obtain a proxy certificate, and searching this hash in
/etc/grid-security/certificates ?!

Reply via email to