Bonjour Emmanuel,
> /etc/grid-security/vomsdir/biomed/cclcgvomsli01.in2p3.fr.lsc
> /O=GRID-FR/C=FR/O=CNRS/OU=CC-LYON/CN=cclcgvomsli01.in2p3.fr biomed
What is that "biomed" doing at the end of the line?
You need to remove that (including the space).
Similarly for the other VOs.
How did you make these files?
> /C=FR/O=CNRS/CN=GRID-FR
>
> /etc/grid-security/vomsdir/ops/lcg-voms.cern.ch.lsc
> /DC=ch/DC=cern/OU=computers/CN=lcg-voms.cern.ch ops
> /DC=ch/DC=cern/CN=CERN Trusted Certification Authority
>
> /etc/grid-security/vomsdir/ops/voms.cern.ch.lsc
> /DC=ch/DC=cern/OU=computers/CN=voms.cern.ch ops
> /DC=ch/DC=cern/CN=CERN Trusted Certification Authority
>
> /etc/grid-security/vomsdir/dteam/lcg-voms.cern.ch.lsc
> /DC=ch/DC=cern/OU=computers/CN=lcg-voms.cern.ch dteam
> /DC=ch/DC=cern/CN=CERN Trusted Certification Authority
>
> /etc/grid-security/vomsdir/dteam/voms.cern.ch.lsc
> /DC=ch/DC=cern/OU=computers/CN=voms.cern.ch dteam
> /DC=ch/DC=cern/CN=CERN Trusted Certification Authority
>
> /etc/grid-security/vomsdir/dzero/fg5x1.fnal.gov.lsc
> /DC=org/DC=doegrids/OU=Services/CN=http/voms.fnal.gov
> /DC=org/DC=doegrids/OU=Services/CN=http/voms.fnal.gov
>
> /etc/grid-security/vomsdir/atlas/voms.cern.ch.lsc
> /DC=ch/DC=cern/OU=computers/CN=voms.cern.ch atlas
> /DC=ch/DC=cern/CN=CERN Trusted Certification Authority
> /DC=ch/DC=cern/CN=CERN Trusted Certification Authority
Why does the CA DN appear twice in that file and the following?
You need to remove the second instance.
> /etc/grid-security/vomsdir/alice/voms.cern.ch.lsc
> /DC=ch/DC=cern/OU=computers/CN=voms.cern.ch alice
> /DC=ch/DC=cern/CN=CERN Trusted Certification Authority
> /DC=ch/DC=cern/CN=CERN Trusted Certification Authority
>
> /etc/grid-security/vomsdir/lhcb/voms.cern.ch.lsc
> /DC=ch/DC=cern/OU=computers/CN=voms.cern.ch lhcb
> /DC=ch/DC=cern/CN=CERN Trusted Certification Authority
> /DC=ch/DC=cern/CN=CERN Trusted Certification Authority
The format of any *.lsc file is as follows:
- on the first line the host DN of the VOMS server, without quotes
- on the second line the CA DN, without quotes
The file is put into a subdirectory of $X509_VOMS_DIR named after the VO,
and the file name is the VOMS server hostname followed by ".lsc".
By default $X509_VOMS_DIR is /etc/grid-security/vomsdir.
That directory and its contents should be writable only by root,
but world-readable.
|