LFC Certificates

From GridPP Wiki
Revision as of 14:58, 23 November 2005 by Graeme stewart (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

For the LCG File Catalog to function correctly, it needs to be able to present a valid host certificate. As LFC daemon runs as a non privileged user (a good thing!) a copy of the certificate needs to be made that the lfcmgr user can read.

This certificate is copied by YAIM at install time to /etc/grid-security/lfcmgr/

 # ls -l /etc/grid-security/lfcmgr
 -r--r--r--    1 lfcmgr   lfcmgr       2216 Jul 25 13:28 lfccert.pem
 -r--------    1 lfcmgr   lfcmgr       3340 Jul 25 13:28 lfckey.pem

If you later update the host certificate, you must make a new copy of the certificate for lfcmgr with the permissions above.