All, OGF has a long standing policy against being in the "compliance testing" business(perhaps unstated - but it has been discussed endlessly in steering committee meetings.) Can you rename the test something like "interoperability suite" or something else? A
-----Original Message----- From: ogsa-hpcp-wg-bounces@ogf.org [mailto:ogsa-hpcp-wg-bounces@ogf.org] On Behalf Of Glenn Wasson Sent: Tuesday, October 30, 2007 3:16 PM To: ogsa-hpcp-wg@ogf.org Subject: [ogsa-hpcp-wg] HPC Basic Profile Compliance Tester support forclient authentication using X509
All,
I have added support to allow the HPC Basic Profile Compliance Tester to identify clients via X.509 (instead of just username/password). The service's URL is https://opteron4.cs.virginia.edu:45885/FormServerTemplates/HPCBasicProfi leCo mplianceTester.aspx.
On the left hand side, you will now see a radio button labeled "Client authentication". It has 2 options, "Username/password" and "X.509". If you select "Username / password", the username and password boxes will function as before. If you select "X.509", then those boxes will be disabled and the compliance tester will attempt to make a mutually-authenticated SSL connection to your service.
The certificate that the compliance tester uses is available at http://www.cs.virginia.edu/~gsw2c/HPCBasicProfileComplianceTesterCert.pe m. If you want to test your service's X.509 authentication, download and install this cert where ever it needs to go so that your service will trust the HPCBP Compliance tester. This is a self-signed cert that will expire about a week after SuperComputing.
Please let me know if you have problems.
Glenn
-- ogsa-hpcp-wg mailing list ogsa-hpcp-wg@ogf.org http://www.ogf.org/mailman/listinfo/ogsa-hpcp-wg