Thanks.
On 25/04/2016 14:47, Daniela Bauer wrote:
> Also
>
> https://voms1.fnal.gov:8443/voms/lsst/configuration/configuration.action
>
> still shows the 'old' config info and is now inconsistent with the portal.
>
> Cheers,
> Daniela
>
> On 25 April 2016 at 14:43, Daniela Bauer
> <[log in to unmask]> wrote:
>> Aren't they meant to send out an EGI Broadcast ? This is what
>> everyone else is doing when they change their vomsserver certificate.
>>
>> Cheers,
>> Daniela
>>
>> On 22 April 2016 at 18:35, sjones <[log in to unmask]> wrote:
>>> Hi All,
>>>
>>> Admins supporting fermilab VOs should read this.
>>>
>>> I'll make a proper assessment and update next week.
>>>
>>> Sorry for all the flip/flopping about upstream which is the cause of this.
>>>
>>> All I can do is relay the situation.
>>>
>>> Regards,
>>>
>>> Ste
>>>
>>>
>>> -------- Original Message --------
>>> Subject: Re: one liner to show problem
>>> Date: 2016-04-22 15:58
>>> From: Alessandra Forti <[log in to unmask]>
>>> To: Stephen Jones <[log in to unmask]>
>>>
>>> Hi,
>>>
>>> I spoke to VOMS support now. They've updated also the voms1 certificate now.
>>> This will affect also CDF, and fermilab VOs (I don't know if the latter is
>>> in your list I recall i had to add it to the list of VOs in the wiki). The
>>> real problem is that in the US they have an rpm to distribute changes to the
>>> VOMS, VO managers are not required to know about the changes. They said
>>> they'll contact the VO managers in question to update the portal. So expect
>>> further changes to announce.
>>>
>>> cheers
>>> alessandra
>>>
>>> On 19/04/2016 14:09, Stephen Jones wrote:
>>>> Hi Alessandra,
>>>>
>>>> This one-liner shows the problem -
>>>>
>>>> # wget -qO- http://operations-portal.egi.eu/xml/voIDCard/public/all/true |
>>>> sed -e '1,/IDCard .* Name="lsst"/d' -e '/IDCard/,$d' VOIDCardInfo.xml | grep
>>>> -A 2 "<VOMS_Server"
>>>>
>>>> --- output ---
>>>>
>>>> <VOMS_Server HttpsPort="8443" VomsesPort="15003"
>>>> IsVomsAdminServer="1"
>>>> MembersListUrl="https://voms.fnal.gov:8443/voms/lsst/services/VOMSAdmin?method=listMembers">
>>>> <hostname>voms.fnal.gov</hostname>
>>>> <X509Cert>
>>>> -- <VOMS_Server HttpsPort="8443" VomsesPort="15003"
>>>> IsVomsAdminServer="0"
>>>> MembersListUrl="https://voms1.fnal.gov:8443/voms/fermilab/services/VOMSAdmin?method=listMembers">
>>>> <hostname>voms1.fnal.gov</hostname>
>>>> </VOMS_Server>
>>>> <VOMS_Server HttpsPort="8443" VomsesPort="15003"
>>>> IsVomsAdminServer="1"
>>>> MembersListUrl="https://voms2.fnal.gov:8443/voms/fermilab/services/VOMSAdmin?method=listMembers">
>>>> <hostname>voms2.fnal.gov</hostname>
>>>> </VOMS_Server>
>>>>
>>>> The problem is that the first server (voms.fnal.gov) contains the X509Cert
>>>> tag, needed for DN and CA_DN. The voms1.fnal.gov and voms2.fnal.gov servers
>>>> do not show that tag.
>>>>
>>>> Ste
>>>>
>>>>
>>>>
>>>>
>>
>>
>> --
>> Sent from the pit of despair
>>
>> -----------------------------------------------------------
>> [log in to unmask]
>> HEP Group/Physics Dep
>> Imperial College
>> London, SW7 2BW
>> Tel: +44-(0)20-75947810
>> http://www.hep.ph.ic.ac.uk/~dbauer/
>
>
--
Respect is a rational process. \\//
Fatti non foste a viver come bruti (Dante)
|