Also
https://voms1.fnal.gov:8443/voms/lsst/configuration/configuration.action
still shows the 'old' config info and is now inconsistent with the portal.
Cheers,
Daniela
On 25 April 2016 at 14:43, Daniela Bauer
<[log in to unmask]> wrote:
> Aren't they meant to send out an EGI Broadcast ? This is what
> everyone else is doing when they change their vomsserver certificate.
>
> Cheers,
> Daniela
>
> On 22 April 2016 at 18:35, sjones <[log in to unmask]> wrote:
>> Hi All,
>>
>> Admins supporting fermilab VOs should read this.
>>
>> I'll make a proper assessment and update next week.
>>
>> Sorry for all the flip/flopping about upstream which is the cause of this.
>>
>> All I can do is relay the situation.
>>
>> Regards,
>>
>> Ste
>>
>>
>> -------- Original Message --------
>> Subject: Re: one liner to show problem
>> Date: 2016-04-22 15:58
>> From: Alessandra Forti <[log in to unmask]>
>> To: Stephen Jones <[log in to unmask]>
>>
>> Hi,
>>
>> I spoke to VOMS support now. They've updated also the voms1 certificate now.
>> This will affect also CDF, and fermilab VOs (I don't know if the latter is
>> in your list I recall i had to add it to the list of VOs in the wiki). The
>> real problem is that in the US they have an rpm to distribute changes to the
>> VOMS, VO managers are not required to know about the changes. They said
>> they'll contact the VO managers in question to update the portal. So expect
>> further changes to announce.
>>
>> cheers
>> alessandra
>>
>> On 19/04/2016 14:09, Stephen Jones wrote:
>>>
>>> Hi Alessandra,
>>>
>>> This one-liner shows the problem -
>>>
>>> # wget -qO- http://operations-portal.egi.eu/xml/voIDCard/public/all/true |
>>> sed -e '1,/IDCard .* Name="lsst"/d' -e '/IDCard/,$d' VOIDCardInfo.xml | grep
>>> -A 2 "<VOMS_Server"
>>>
>>> --- output ---
>>>
>>> <VOMS_Server HttpsPort="8443" VomsesPort="15003"
>>> IsVomsAdminServer="1"
>>> MembersListUrl="https://voms.fnal.gov:8443/voms/lsst/services/VOMSAdmin?method=listMembers">
>>> <hostname>voms.fnal.gov</hostname>
>>> <X509Cert>
>>> -- <VOMS_Server HttpsPort="8443" VomsesPort="15003"
>>> IsVomsAdminServer="0"
>>> MembersListUrl="https://voms1.fnal.gov:8443/voms/fermilab/services/VOMSAdmin?method=listMembers">
>>> <hostname>voms1.fnal.gov</hostname>
>>> </VOMS_Server>
>>> <VOMS_Server HttpsPort="8443" VomsesPort="15003"
>>> IsVomsAdminServer="1"
>>> MembersListUrl="https://voms2.fnal.gov:8443/voms/fermilab/services/VOMSAdmin?method=listMembers">
>>> <hostname>voms2.fnal.gov</hostname>
>>> </VOMS_Server>
>>>
>>> The problem is that the first server (voms.fnal.gov) contains the X509Cert
>>> tag, needed for DN and CA_DN. The voms1.fnal.gov and voms2.fnal.gov servers
>>> do not show that tag.
>>>
>>> Ste
>>>
>>>
>>>
>>>
>>
>
>
>
> --
> Sent from the pit of despair
>
> -----------------------------------------------------------
> [log in to unmask]
> HEP Group/Physics Dep
> Imperial College
> London, SW7 2BW
> Tel: +44-(0)20-75947810
> http://www.hep.ph.ic.ac.uk/~dbauer/
--
Sent from the pit of despair
-----------------------------------------------------------
[log in to unmask]
HEP Group/Physics Dep
Imperial College
London, SW7 2BW
Tel: +44-(0)20-75947810
http://www.hep.ph.ic.ac.uk/~dbauer/
|