Just for completion: The reason on the other SE was that the
certificate stored under /var/lib/ldap/ was an old one (the service on
srm.glite wasn't running since a long time, so probably nobody noticed
before; I only restarted it after adding lsst and checked that the
certificates in /etc/grid-security are recent). After fixing that, it
also works now.
Hopefully both should be visible soon on the top level bdii.
Cheers,
Marcus
On Tue, Mar 1, 2016 at 5:24 PM, Marcus Ebert <[log in to unmask]> wrote:
> On Tue, Mar 1, 2016 at 5:14 PM, Stephen Burke <[log in to unmask]> wrote:
>> Testbed Support for GridPP member institutes [mailto:TB-
>>> [log in to unmask]] On Behalf Of Marcus Ebert said:
>>> If I run it both by hand it produces a lot of output but no error.
>>
>> Did you run it as root? The BDII normally runs as ldap, I'm guessing it doesn't have read access to the host certificate?
>>
> Ah, that makes sense. Indeed, the certificate was owned by root and
> couldn't be read by ldap-user. After changing that, the error in the
> log file is gone. and using lcg-infosites with our local bdii shows
> the SE where I just changed it!
>
> Thanks a lot for your help!
> Marcus
--
The University of Edinburgh is a charitable body, registered in
Scotland, with registration number SC005336.
|