Difference: OSGHostCertGeneration (1 vs. 2)

Revision 22006/11/20 - Main.TerrenceMartin

Line: 1 to 1
 
META TOPICPARENT name="WebHome"
Deleted:
<
<
 

How to Generate an OSG Certificate with the VDT and get it Signed

Line: 65 to 64
 
Changed:
<
<

Generate the host certificate

>
>

Move the old certificates to some backup area (eg. /etc/grid-security/oldcerts)

 
Added:
>
>
cd /etc/grid-security mkdir oldcerts mv host* oldcerts
 
Added:
>
>

Generate the host certificate

./globus/bin/grid-cert-request -host <FQ hostname>
 
Added:
>
>

Retrieve the Certificate

Take the contents of the file hostcert_request.pem and paste it into this form https://pki1.doegrids.org/CertBasedServerEnroll.html

Select OSG and iVDGL from the drop down and submit.

Paste the results into hostcert.pem

Authors

 -- TerrenceMartin - 20 Nov 2006 \ No newline at end of file

Revision 12006/11/20 - Main.TerrenceMartin

Line: 1 to 1
Added:
>
>
META TOPICPARENT name="WebHome"

How to Generate an OSG Certificate with the VDT and get it Signed

Contents

Introduction

Document describing how to generate and authorize a Grid certificate for a service host.

Note: This requires you be able to directly authorize a host cert

--++ Generating The Certificate

Setup the environment

cd $VDT_LOCATION
source setup.sh

Setup the cert request

$VDT_LOCATION/vdt/setup/setup-cert-requestsetup-cert-request
Reading from /data/vdt/globus/TRUSTED_CA
Using hash: 1c3f2ca8
Setting up grid-cert-request
Running grid-security-config...

Before you use the Grid Security Infrastructure, you should first
define the DN (distinguished name) that should be used for your
organization's X509 certificates.  If you do not define a DN,
a default DN will be assigned to you.

For some questions, a default response is given in [].
Pressing RETURN in response to such a question will enable the default.
This script will overwrite the file --

     /etc/grid-security/grid-security.conf


========================================================================

(1) Base DN for user certificates
         [ OU=People,DC=doegrids,DC=org ]
(2) Base DN for host certificates
         [ OU=Services,DC=doegrids,DC=org ]

========================================================================
(q) save, configure the GSI and Quit
(c) Cancel (exit without saving or configuring)
(h) Help
========================================================================

q
Successfully created cert request configuration files in:
/etc/grid-security

Generate the host certificate


-- TerrenceMartin - 20 Nov 2006

 
This site is powered by the TWiki collaboration platformCopyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback