This has been fixed too now.
https://voms1.fnal.gov:8443/voms/lsst/configuration/configuration.action
On 25/04/2016 14:53, Alessandra Forti wrote:
> Thanks.
>
> On 25/04/2016 14:47, Daniela Bauer wrote:
>> Also
>>
>> https://voms1.fnal.gov:8443/voms/lsst/configuration/configuration.action
>>
>> still shows the 'old' config info and is now inconsistent with the
>> portal.
>>
>> Cheers,
>> Daniela
>>
>> On 25 April 2016 at 14:43, Daniela Bauer
>> <[log in to unmask]> wrote:
>>> Aren't they meant to send out an EGI Broadcast ? This is what
>>> everyone else is doing when they change their vomsserver certificate.
>>>
>>> Cheers,
>>> Daniela
>>>
>>> On 22 April 2016 at 18:35, sjones <[log in to unmask]> wrote:
>>>> Hi All,
>>>>
>>>> Admins supporting fermilab VOs should read this.
>>>>
>>>> I'll make a proper assessment and update next week.
>>>>
>>>> Sorry for all the flip/flopping about upstream which is the cause
>>>> of this.
>>>>
>>>> All I can do is relay the situation.
>>>>
>>>> Regards,
>>>>
>>>> Ste
>>>>
>>>>
>>>> -------- Original Message --------
>>>> Subject: Re: one liner to show problem
>>>> Date: 2016-04-22 15:58
>>>> From: Alessandra Forti <[log in to unmask]>
>>>> To: Stephen Jones <[log in to unmask]>
>>>>
>>>> Hi,
>>>>
>>>> I spoke to VOMS support now. They've updated also the voms1
>>>> certificate now.
>>>> This will affect also CDF, and fermilab VOs (I don't know if the
>>>> latter is
>>>> in your list I recall i had to add it to the list of VOs in the
>>>> wiki). The
>>>> real problem is that in the US they have an rpm to distribute
>>>> changes to the
>>>> VOMS, VO managers are not required to know about the changes. They
>>>> said
>>>> they'll contact the VO managers in question to update the portal.
>>>> So expect
>>>> further changes to announce.
>>>>
>>>> cheers
>>>> alessandra
>>>>
>>>> On 19/04/2016 14:09, Stephen Jones wrote:
>>>>> Hi Alessandra,
>>>>>
>>>>> This one-liner shows the problem -
>>>>>
>>>>> # wget -qO-
>>>>> http://operations-portal.egi.eu/xml/voIDCard/public/all/true |
>>>>> sed -e '1,/IDCard .* Name="lsst"/d' -e '/IDCard/,$d'
>>>>> VOIDCardInfo.xml | grep
>>>>> -A 2 "<VOMS_Server"
>>>>>
>>>>> --- output ---
>>>>>
>>>>> <VOMS_Server HttpsPort="8443" VomsesPort="15003"
>>>>> IsVomsAdminServer="1"
>>>>> MembersListUrl="https://voms.fnal.gov:8443/voms/lsst/services/VOMSAdmin?method=listMembers">
>>>>>
>>>>> <hostname>voms.fnal.gov</hostname>
>>>>> <X509Cert>
>>>>> -- <VOMS_Server HttpsPort="8443" VomsesPort="15003"
>>>>> IsVomsAdminServer="0"
>>>>> MembersListUrl="https://voms1.fnal.gov:8443/voms/fermilab/services/VOMSAdmin?method=listMembers">
>>>>>
>>>>> <hostname>voms1.fnal.gov</hostname>
>>>>> </VOMS_Server>
>>>>> <VOMS_Server HttpsPort="8443" VomsesPort="15003"
>>>>> IsVomsAdminServer="1"
>>>>> MembersListUrl="https://voms2.fnal.gov:8443/voms/fermilab/services/VOMSAdmin?method=listMembers">
>>>>>
>>>>> <hostname>voms2.fnal.gov</hostname>
>>>>> </VOMS_Server>
>>>>>
>>>>> The problem is that the first server (voms.fnal.gov) contains the
>>>>> X509Cert
>>>>> tag, needed for DN and CA_DN. The voms1.fnal.gov and
>>>>> voms2.fnal.gov servers
>>>>> do not show that tag.
>>>>>
>>>>> Ste
>>>>>
>>>>>
>>>>>
>>>>>
>>>
>>>
>>> --
>>> Sent from the pit of despair
>>>
>>> -----------------------------------------------------------
>>> [log in to unmask]
>>> HEP Group/Physics Dep
>>> Imperial College
>>> London, SW7 2BW
>>> Tel: +44-(0)20-75947810
>>> http://www.hep.ph.ic.ac.uk/~dbauer/
>>
>>
>
--
Respect is a rational process. \\//
Fatti non foste a viver come bruti (Dante)
|