now i enter the " grid-proxy-init -debug -verify " in globus user not nadia ,and the answer is : " globus@nadia-laptop:~$ grid-proxy-init -debug -verify
User Cert File: /home/globus/.globus/usercert.pem User Key File: /home/globus/.globus/userkey.pem Trusted CA Cert Dir: /home/globus/.globus/certificates Output File: /tmp/x509up_u1001 Your identity: /C=IR/ST=Urmia/L=Urmia/O=Grid/OU=GridTest/CN=GT/[email protected] Enter GRID pass phrase for this identity: Error: Couldn't read user key: Bad passphrase for key in /home/globus/.globus/userkey.pem grid_proxy_init.c:812: globus_credential: Error reading user credential: Can't read credential's private key from PEM OpenSSL Error: pem_lib.c:428: in library: PEM routines, function PEM_do_header: bad decrypt OpenSSL Error: evp_enc.c:330: in library: digital envelope routines, function EVP_DecryptFinal_ex: bad decrypt " should i enter it here or in nadia user? which of them are true?! ________________________________ From: Joseph Bester <[email protected]> To: Nadia Aidan <[email protected]> Cc: "[email protected]" <[email protected]> Sent: Monday, October 29, 2012 9:38 PM Subject: Re: [gt-user] Verify the SimpleCA Looks like you have a directory ~/.globus/certificates Copy the files from the tarball into that directory, or redo the untar command after doing cd ~/.globus/certificates Joe On Oct 29, 2012, at 2:01 PM, Nadia Aidan <[email protected]> wrote: > i did it , but the answer is : > " > nadia@nadia-laptop:~$ sudo tar --strip 1 --exclude debian -zxf > /home/nadia/.globus/certificates/globus_simple_ca_*.tar.gz > nadia@nadia-laptop:~$ grid-proxy-init -debug -verify > User Cert File: /home/nadia/.globus/usercert.pem > User Key File: /home/nadia/.globus/userkey.pem > > Trusted CA Cert Dir: /home/nadia/.globus/certificates > > Output File: /tmp/x509up_u1000 > Your identity: > /O=Grid/OU=GlobusTest/OU=simpleCA-nadia-laptop/OU=local/CN=nadia > Enter GRID pass phrase for this identity: > Creating proxy ......++++++++++++ > .......++++++++++++ > Done > Error: Couldn't verify the authenticity of the user's credential to generate > a proxy from. > grid_proxy_init.c:971: globus_credential: Error verifying credential: >Failed to verify credential > globus_gsi_callback_module: Could not verify credential > globus_gsi_callback_module: Can't get the local trusted CA certificate: > Cannot find trusted CA certificate with hash d45fffae in > /home/nadia/.globus/certificates > " > > did i make a mistake some where? > > > > From: Joseph Bester <[email protected]> > To: Nadia Aidan <[email protected]> > Cc: "[email protected]" <[email protected]> > Sent: Monday, October 29, 2012 9:00 PM > Subject: Re: [gt-user] Verify the SimpleCA > > > Then something like this (as root) > > tar --strip 1 --exclude debian -zxf ~globus/simpleCA/globus_simple_ca_*.tar.gz > > will deploy the ca into the trusted certificates directory. This will enable > the globus tools to verify certificates signed by that CA. > > Joe > > On Oct 29, 2012, at 1:11 PM, Nadia Aidan <[email protected]> wrote: > > No i just have the first machin yet , and about "globus_simple_ca_*.tar.gz" > > , i have it , but how should i install it ?and may you please explain more > > about your last statement?, i mean (When you created the CA (if you did so > > as the globus user) you should have a tarball in > > ~globus/simpleCA/globus_simple_ca_*.tar.gz > > You'll need to install the .0 and .signing_policy files from that tarball > > in /etc/grid-security/certificates.), and abour another machin ? and should > > i verify my CA after install the tarball? > > > > Nadia > > >
