Generating UKHEP Host Certificates
If you wish to generate certificate requests in the UKHEP name space- Save a copy of your old Globus gatekeeper certificates (assuming they
have not expired:
cd /opt/globus/etc cp -p globus-gatekeeper.cert globus-gatekeeper.key
- Update your Globus configuration to generate certificate requests in our
name space.
vi /opt/globus-install/etc/globus-host-ssleay.conf Replace the line with 1.organizationName_default to be: 1.organizationName_default = UKHEP
- Log in as the globus user
Ensure you have /opt/globus-install/tools/i686-pc-linux-gnu/bin in your path. grid-cert-request -gatekeeperThis will generate a request globus_request.pem to be mailed off to ca@hep.grid.ac.uk (make sure you email from a host/id that can receive email). Email from your personal email address. WE WILL NOT ISSUE CERTIFICATES TO GENERAL IDS SUCH AS ROOT AS WE CANNOT CHECK WHO ACTUALLY MADE THE REQUEST.-key globus-gatekeeper.key -cert globus-gatekeeper.cert -req globus_request.pem -nopw Once you receive the reply install it in globus-gatekeeper.cert for safe keeping. You now have the gatekeeper keys safely cached on your globus ID.
- Note that for the time being we will validate your request by emailing you and your Site contact for confirmation.
- Copy the gatekeeper keys to the server configuration in
the $DEPLOY/etc directory.
Last modified Wed 26 November 2003 . View page history
Switch to HTTPS . Website Help . Print View . Built with GridSite 1.4.3