Compliance tester with X509 support
Hi all We (CREAM-BES team) are facing several problems with the new authentication support of the compliance tester based on X509 certificates. If we undestand correctly the client uses a self-signed certificate for the authentication and the gLite security infrastructure (trustmanager, LCAS/LCMAPS) seems not to allow that kind of credential. Is it possible for the client to have its own certificate signed by the certificate above (acting in this case as a CA certificate)? Thanks Paolo
Hi All, I have just added GridSAM to the wiki page. This service instance is to be used for the basic(without extensions) HPCP interop. Even though there is a link in the '4. Show Job Output' section - this is not the DataStaging support. The link points to a spool dir where each job output can be monitored. For each submission there will be a subdir named 'gridsam-<long_hex_number>' where <long_hex_number> is the job ID GridSAM assigns and it is found inside the EPR returned by a 'CreateActivity' call. E-mail me directly to get the Username/Password for this service. I should have another service with added support for DataStaging and ActivityCredentials soon. regards -- ----------------------------------------------------------------- Vesso A. Novov -- Research Assistant -- ----------------------------------------------------------------- London e-Science Centre http://www.lesc.doc.ic.ac.uk Imperial College London, Department of Computing 180 Queen's Gate, London SW7 2RH, UK tel: +44 (0)207-594-8399 fax: +44 (0)207-581-8024 -----------------------------------------------------------------
Hi all, I'd like to start testing my client with other services and I need the username/password for those services. Could I get the contact e-mail addresses for these projects: EGEE2/OMII-Europe GREAM-BES Nordugrid/KnowARC A-REX Forschungszentrum Juelich UNICORE thanks Vesso -- ----------------------------------------------------------------- Vesso A. Novov -- Research Assistant -- ----------------------------------------------------------------- London e-Science Centre http://www.lesc.doc.ic.ac.uk Imperial College London, Department of Computing 180 Queen's Gate, London SW7 2RH, UK tel: +44 (0)207-594-8399 fax: +44 (0)207-581-8024 -----------------------------------------------------------------
Vesselin Novov wrote:
Hi all,
I'd like to start testing my client with other services and I need the username/password for those services. Could I get the contact e-mail addresses for these projects:
EGEE2/OMII-Europe GREAM-BES Nordugrid/KnowARC A-REX Forschungszentrum Juelich UNICORE
thanks Vesso
Hi Vesso The CREAM-BES does not support username&password, only X509 certificates. What we need is the certificate of the CA issuing the client certificate (for the authentication) and the DN contained into the client certificate (for the authorization). If your middleware support VOMS attribute you can send FQAN instead of DN. The service URL you can use is published in: http://forge.ogf.org/sf/go/projects.ogsa-hpcp-wg/wiki Keep in touch Paolo
Dear Vesselin Novov,
I'd like to start testing my client with other services and I need the username/password for those services. Could I get the contact e-mail addresses for these projects:
EGEE2/OMII-Europe GREAM-BES Nordugrid/KnowARC A-REX Forschungszentrum Juelich UNICORE
We have only X509 authentication! I see that you have uploaded your CA cert: https://gridsam.lesc.doc.ic.ac.uk:18443/sc07demo/omii_ca.cert How can I convert this omii_ca.cert to PEM format, could you write to me? I cannot do it! I would like create its hash and rename it to hash name'! I will import it and after this you can test your client. Please import also our CA cert: http://www.ca.niif.hu/Certificates/niif_ca_root_x509.pem Best regards, Gabor Roczei Nordugrid/KnowARC
Gabor, Gabor ROCZEI wrote:
Dear Vesselin Novov,
I'd like to start testing my client with other services and I need the username/password for those services. Could I get the contact e-mail addresses for these projects:
EGEE2/OMII-Europe GREAM-BES Nordugrid/KnowARC A-REX Forschungszentrum Juelich UNICORE
We have only X509 authentication! I see that you have uploaded your CA cert:
https://gridsam.lesc.doc.ic.ac.uk:18443/sc07demo/omii_ca.cert
How can I convert this omii_ca.cert to PEM format, could you write to me? I cannot do it!
The command(Linux) for converting DER to PEM: 'openssl x509 -inform der -in <cert_file_in_der_format> -out <cert_file_in_pem_format>' But, I've changed the wiki link to point to a pem version of the GridSAM's CA cert. --Vesso
participants (3)
-
Gabor ROCZEI -
Paolo Andretto -
Vesselin Novov