http://globus.org/toolkit/docs/4.2/4.2.1/security/gsic/admin/#id2533449
On Nov 22, 2011, at 11:44 AM, <[email protected]> wrote: > I did a myproxy-init in a non-root session, but whit the myproxy service > running in root session: > > ---------------------------------------------------------------------- > www-data@cliente:/tmp$ myproxy-init -C cert.pem -y key.pem -l admin_ca > ---------------------------------------------------------------------- > > this was the output: > > ----------------------------- > Your identity: "my subjectDN" > > Creating proxy > ........................................................................ Done > Proxy Verify OK > Your proxy is valid until: Fri Nov 25 13:16:35 2011 > Error authenticating: GSS Major Status: Authentication Failed > GSS Minor Status Error Chain: > globus_gss_assist: Error during context initialization > globus_gsi_gssapi: Unable to verify remote side's credentials > globus_gsi_gssapi: Unable to verify remote side's credentials: Couldn't > verify the remote certificate > OpenSSL Error: s3_pkt.c:1102: in library: SSL routines, function > SSL3_READ_BYTES: sslv3 alert bad certificate SSL alert number 42 > ---------------------------------------------------------------- > > whit the correspondent /var/log/syslog output: > > -------------------------------------------------------------------------- > Nov 18 13:16:33 cliente myproxy-server[3699]: Connection from 127.0.1.1 > Nov 18 13:16:35 cliente myproxy-server[3699]: Error authenticating client: > GSS Major Status: Authentication Failed GSS Minor Status Error Chain: > globus_gsi_gssapi: SSLv3 handshake problems OpenSSL Error: s3_srvr.c:2602: > in library: SSL routines, function SSL3_GET_CLIENT_CERTIFICATE: no > certificate returned globus_gsi_callback_module: Could not verify > credential globus_gsi_callback_module: Can't get the local trusted CA > certificate: Cannot find trusted CA certificate with hash 52edec22 in > /etc/grid-security/certificates > Nov 18 13:16:35 cliente myproxy-server[3699]: Exiting: authentication failed > ---------------------------------------------------------------------------- > > why myproxy is creating a hash of the certificate from which I want to > obtain a proxy certificate, and searching this hash in > /etc/grid-security/certificates ?!
