Hi all,
David Meder-Marouelli wrote:
> this may be a stupid question, but:
>
> How can I determine the DN of the host certificate of a node in the
> grid, like for rb106.cern.ch?
Assuming you know the port you want to connect to, and the server
is using an SSL/TLS protocol, the following will work:
/usr/bin/openssl s_client -host rb106.cern.ch -port 9000 \
< /dev/null 2>/dev/null | grep issuer=
gives
issuer=/DC=ch/DC=cern/OU=computers/CN=rb106.cern.ch
of course, a server listening on a different port may have a different
cert and subject name.
Cheers,
DavidG.
>
> I know there is a field in the GOCDB for this, but not all sites seem to
> fill it...
> As far as I can see the infosystem doesn't help much either.
>
> Thanks for any help,
>
> David
>
--
David Groep
** National Institute for Nuclear and High Energy Physics, PDP/Grid group **
** Room: H1.56 Phone: +31 20 5922179, PObox 41882, NL-1009DB Amsterdam NL **
|