David Groep wrote:
> Hi all,
>
> David Meder-Marouelli wrote:
>
>> this may be a stupid question, but:
>>
>> How can I determine the DN of the host certificate of a node in the
>> grid, like for rb106.cern.ch?
>
>
> Assuming you know the port you want to connect to, and the server
> is using an SSL/TLS protocol, the following will work:
>
> /usr/bin/openssl s_client -host rb106.cern.ch -port 9000 \
> < /dev/null 2>/dev/null | grep issuer=
>
> gives
>
> issuer=/DC=ch/DC=cern/OU=computers/CN=rb106.cern.ch
>
> of course, a server listening on a different port may have a different
> cert and subject name.
Unfortunately it does not work for a GridFTP server, SRM or gatekeeper...
|