Hi Henry,
>>Check if /etc/grid-security/vomsdir/*/*.lsc have the correct contents
>>and (for VOs without *.lsc files) if /etc/grid-security/vomsdir has
>>valid certificates for the supported VOMS servers.
>
>
> I can't say that I investigated in any detail, but on both an
> lcg-CE and a DPM SE I found that I needed the certificate in
> /etc/grid-security/vomsdir even for those VOs WITH *.lsc files,
> otherwise I got authentication errors,
> e.g.
>
> 142223-LCAS 0: lcas_plugin_voms-plugin_confirm_authorization_from_x509(): VOMS Signature error (failure)!
> ...
> 4536692-Failure: globus_gss_assist_gridmap() failed authorization. globus_gss_assist: Error invoking callout
> 4536693-globus_callout_module: The callout returned an error
> 4536694-an unknown error occurred
>
> on the CE and
>
> 01/27 17:18:47 3145,0 srmv1: SRM02 - soap_serve error : [::ffff:134.83.94.53] (young.brunel.ac.uk) : CGSI-gSOAP: Error retrieveing the VOMS credentials
>
> or
>
> [29388] Tue Jan 27 17:12:23 2009 :: young.brunel.ac.uk:41690: [SERVER]: 530 Login incorrect. : VOMS error when processing cert
>
> on the SE.
What are the contents and modes of the relevant *.lsc files?
For example:
cat -A /etc/grid-security/vomsdir/foo/foo-voms.lsc
ls -la /etc/grid-security/vomsdir/foo/
|