Feature #34708

Ajout AC

Added by Guterl Patrick 11 months ago. Updated 11 months ago.

Status:NewStart date:07/16/2018
Priority:LowDue date:
Assigned To:-% Done:

0%

Category:-
Target version:-

Description

For french user

Pour info:
Changement de l'AC pour le certificat X509 /C=FR/O=MENESR/OU=GRID-FR/CN=AC GRID-FR Services

pour la commande jsaga-context-init.sh
en cas de message d erreur
NoSuccess: org.italiangrid.voms.VOMSError: User credential is not valid...

vérifier que les fichiers commençant par AC-GRID-FR.. et les fichiers signing_policy associés existent dans /etc/grid-security/certificates

History

#1 Updated by Schwarz Lionel 11 months ago

Bonjour Patrick

Pour valider la chaîne de certificats, JSAGA se base (via l'API org.italiangrid.voms) sur les certificats de CA installés dans le répertoire que tu as configuré avec <attribute name="CertRepository" value="/etc/grid-security/certificates"/>

Il faut donc que tu vérifies que le certificat de la nouvelle AC est bien installé dans "/etc/grid-security/certificates" avec le bon nom et les bons droits. Pour info sur les machines du CC, nous avons:

/etc/grid-security/certificates"("0")>"ll |grep AC-GRID
lrwxrwxrwx 1 root root    23 Jun 27 03:42 14e86c33.0 -> AC-GRID-FR-Services.pem
lrwxrwxrwx 1 root root    34 Jun 27 03:42 14e86c33.signing_policy -> AC-GRID-FR-Services.signing_policy
lrwxrwxrwx 1 root root    14 Jun 27 03:42 16054abd.0 -> AC-GRID-FR.pem
lrwxrwxrwx 1 root root    21 Jun 27 03:42 16054abd.namespaces -> AC-GRID-FR.namespaces
lrwxrwxrwx 1 root root    25 Jun 27 03:42 16054abd.signing_policy -> AC-GRID-FR.signing_policy
lrwxrwxrwx 1 root root    21 Jun 27 03:42 37a553c6.0 -> AC-GRID-FR-Robots.pem
lrwxrwxrwx 1 root root    32 Jun 27 03:42 37a553c6.signing_policy -> AC-GRID-FR-Robots.signing_policy
lrwxrwxrwx 1 root root    21 Jun 27 03:42 3f638905.0 -> AC-GRID-FR-Robots.pem
lrwxrwxrwx 1 root root    32 Jun 27 03:42 3f638905.signing_policy -> AC-GRID-FR-Robots.signing_policy
lrwxrwxrwx 1 root root    23 Jun 27 03:42 5e02f50a.0 -> AC-GRID-FR-Services.pem
lrwxrwxrwx 1 root root    34 Jun 27 03:42 5e02f50a.signing_policy -> AC-GRID-FR-Services.signing_policy
lrwxrwxrwx 1 root root    25 Jun 27 03:42 72aa436d.0 -> AC-GRID-FR-Personnels.pem
lrwxrwxrwx 1 root root    36 Jun 27 03:42 72aa436d.signing_policy -> AC-GRID-FR-Personnels.signing_policy
lrwxrwxrwx 1 root root    14 Jun 27 03:42 7ca9677b.0 -> AC-GRID-FR.pem
lrwxrwxrwx 1 root root    21 Jun 27 03:42 7ca9677b.namespaces -> AC-GRID-FR.namespaces
lrwxrwxrwx 1 root root    25 Jun 27 03:42 7ca9677b.signing_policy -> AC-GRID-FR.signing_policy
lrwxrwxrwx 1 root root    25 Jun 27 03:42 80df9b28.0 -> AC-GRID-FR-Personnels.pem
lrwxrwxrwx 1 root root    36 Jun 27 03:42 80df9b28.signing_policy -> AC-GRID-FR-Personnels.signing_policy
-rw-r--r-- 1 root root    68 Jun 19 09:16 AC-GRID-FR-Personnels.crl_url
-rw-r--r-- 1 root root   505 Jun 19 09:16 AC-GRID-FR-Personnels.info
-rw-r--r-- 1 root root  2057 Jun 19 09:16 AC-GRID-FR-Personnels.pem
-rw-r--r-- 1 root root   290 Jun 19 09:16 AC-GRID-FR-Personnels.signing_policy
-rw-r--r-- 1 root root    64 Jun 19 09:16 AC-GRID-FR-Robots.crl_url
-rw-r--r-- 1 root root   485 Jun 19 09:16 AC-GRID-FR-Robots.info
-rw-r--r-- 1 root root  2053 Jun 19 09:16 AC-GRID-FR-Robots.pem
-rw-r--r-- 1 root root   278 Jun 19 09:16 AC-GRID-FR-Robots.signing_policy
-rw-r--r-- 1 root root    66 Jun 19 09:16 AC-GRID-FR-Services.crl_url
-rw-r--r-- 1 root root   495 Jun 19 09:16 AC-GRID-FR-Services.info
-rw-r--r-- 1 root root  2053 Jun 19 09:16 AC-GRID-FR-Services.pem
-rw-r--r-- 1 root root   284 Jun 19 09:16 AC-GRID-FR-Services.signing_policy
-rw-r--r-- 1 root root    57 Jun 19 09:16 AC-GRID-FR.crl_url
-rw-r--r-- 1 root root   450 Jun 19 09:16 AC-GRID-FR.info
-rw-r--r-- 1 root root  1014 Jun 19 09:16 AC-GRID-FR.namespaces
-rw-r--r-- 1 root root  1728 Jun 19 09:16 AC-GRID-FR.pem
-rw-r--r-- 1 root root   395 Jun 19 09:16 AC-GRID-FR.signing_policy

Also available in: Atom PDF