TWiki
>
Computing Web
>
LocalGridInternals
>
CertificateRenewal
(revision 4) (raw view)
Edit
Attach
---+ Grid Certificate Renewal A page detailing how grid certificates are renewed for grid resources. These instructions should not be followed for user certificates! %TOC% ---++ General Procedure 1 Locate the hostcert.pem and hostkey.pem files on the grid node. 1 Convert with the command =openssl -pkcs12 -export -in hostcert.pem -inkey hostkey.pem -out cert.p12=. 1 Transfer the .p12 file to local file system (ie epdt82) 1 Import certificate into mozilla. Note that multiple profiles (Tools -> Switch Profiles) can be used to manage multiple certificates! 1 Renew the certificate at [[https://ca-ra.grid-support.ac.uk][https://ca-ra.grid-support.ac.uk]] *Note that when prompted, the same password is used to protect certificates as is used to log onto the appropriate node!* ---++ Certificate Locations: ---+++ epgce2 | *Filename* | *Owner* | *Group* | *Permissions* | | /etc/grid-security/hostkey.pem | root | root | 400 | | /etc/grid-security/hostcert.pem | root | root | 644 | | /home/glite/.certs/hostkey.pem | glite | glite | 400 | | /home/glite/.certs/hostcert.pem | glite | glite | 644 | ---+++ epgce3 | *Filename* | *Owner* | *Group* | *Permissions* | | /etc/grid-security/hostkey.pem | root | root | 400 | | /etc/grid-security/hostcert.pem | root | root | 644 | | /home/glite/.certs/hostkey.pem | glite | glite | 400 | | /home/glite/.certs/hostcert.pem | glite | glite | 644 | ---+++ epgmo1 | *Filename* | *Owner* | *Group* | *Permissions* | | /etc/grid-security/hostkey.pem | root | root | 400 | | /etc/grid-security/hostcert.pem | root | root | 644 | | /etc/tomcat5/hostkey.pem | tomcat | tomcat | 400 | | /etc/tomcat5/hostcert.pem | tomcat | tomcat | 644 | | /etc/grid-security/lfcmgr/lfckey.pem | lfcmgr | lfcmgr | 400 | | /etc/grid-security/lfcmgr/lfccert.pem | lfcmgr | lfcmgr | 644 | | /opt/glite/var/rgma/.certs/hostkey.pem | rgma | rgma | 400 | | /opt/glite/var/rgma/.certs/hostcert.pem | rgma | rgma | 644 | The public and private keys of ce1-4 and se1 appear in =/data1/grid/certs/_hostname_/host_(cert || key)_.pem=, belonging to root. ---+++ epgsr1 | *Filename* | *Owner* | *Group* | *Permissions* | | /etc/grid-security/hostkey.pem | root | root | 400 | | /etc/grid-security/hostcert.pem | root | root | 644 | | /etc/grid-security/dpmmgr/dpmkey.pem | dpmmgr | dpmmgr | 400 | | /etc/grid-security/dpmmgr/dpmcert.pem | dpmmgr | dpmmgr | 644 | | /home/edginfo/.globus/userkey.pem | edginfo | edginfo | 400 | | /home/edginfo/.globus/usercert.pem | edginfo | edginfo | 644 | | /home/edguser/.globus/userkey.pem | edguser | edguser | 400 | | /home/edguser/.globus/usercert.pem | edguser | edguser | 644 | -- Main.ChristopherCurtis - 24 Jul 2009
Edit
|
Attach
|
Watch
|
P
rint version
|
H
istory
:
r5
<
r4
<
r3
<
r2
<
r1
|
B
acklinks
|
V
iew topic
|
Raw edit
|
More topic actions...
Topic revision: r4 - 21 Aug 2009
-
_47C_61UK_47O_61eScience_47OU_61Birmingham_47L_61ParticlePhysics_47CN_61christopher_32curtis
?
Computing
Log In
Computing Web
Create New Topic
Index
Search
Changes
Notifications
RSS Feed
Statistics
Preferences
Webs
ALICE
ATLAS
BILPA
CALICE
Computing
General
LHCb
LinearCollider
Main
NA62
Publish
Sandbox
TWiki
Welcome
Copyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki?
Send feedback