I can still not authenticate to the lxn1188.cern.ch resource broker, the default one on my UI. I have a valid Datagrid-fr certificate, and I get the following error: edg-gridftp-ls -v gsiftp://lxn1188.cern.ch/ error the server sent an error response: 535 535-FTPD GSSAPI error: GSS Major Status: Authentication Failed 535-FTPD GSSAPI error: GSS Minor Status Error Chain: 535-FTPD GSSAPI error: 535-FTPD GSSAPI error: accept_sec_context.c:170: gss_accept_sec_context: SSLv3 handshake problems 535-FTPD GSSAPI error: globus_i_gsi_gss_utils.c:881: globus_i_gsi_gss_handshake: Unable to verify remote side's credentials 535-FTPD GSSAPI error: globus_i_gsi_gss_utils.c:854: globus_i_gsi_gss_handshake: SSLv3 handshake problems: Couldn't do ssl handshake 535-FTPD GSSAPI error: OpenSSL Error: s3_srvr.c:1816: in library: SSL routines, function SSL3_GET_CLIENT_CERTIFICATE: no certificate returned 535-FTPD GSSAPI error: globus_gsi_callback.c:351: globus_i_gsi_callback_handshake_callback: Could not verify credential 535-FTPD GSSAPI error: globus_gsi_callback.c:477: globus_i_gsi_callback_cred_verify: Could not verify credential 535-FTPD GSSAPI error: globus_gsi_callback.c:769: globus_i_gsi_callback_check_revoked: Invalid CRL: The available CRL has expired 535 FTPD GSSAPI error: accepting context error the server sent an error response: 535 535-FTPD GSSAPI error: GSS Major Status: Authentication Failed 535-FTPD GSSAPI error: GSS Minor Status Error Chain: 535-FTPD GSSAPI error: 535-FTPD GSSAPI error: accept_sec_context.c:170: gss_accept_sec_context: SSLv3 handshake problems 535-FTPD GSSAPI error: globus_i_gsi_gss_utils.c:881: globus_i_gsi_gss_handshake: Unable to verify remote side's credentials 535-FTPD GSSAPI error: globus_i_gsi_gss_utils.c:854: globus_i_gsi_gss_handshake: SSLv3 handshake problems: Couldn't do ssl handshake 535-FTPD GSSAPI error: OpenSSL Error: s3_srvr.c:1816: in library: SSL routines, function SSL3_GET_CLIENT_CERTIFICATE: no certificate returned 535-FTPD GSSAPI error: globus_gsi_callback.c:351: globus_i_gsi_callback_handshake_callback: Could not verify credential 535-FTPD GSSAPI error: globus_gsi_callback.c:477: globus_i_gsi_callback_cred_verify: Could not verify credential 535-FTPD GSSAPI error: globus_gsi_callback.c:769: globus_i_gsi_callback_check_revoked: Invalid CRL: The available CRL has expired 535 FTPD GSSAPI error: accepting context However, I can authenticate, submit jobs and retrieve output using lxn1177.cern.ch. I can see that users trying to submit jobs to our CE ce001.grid.bas.bg from lxn1188.cern.ch, are having authentication problems too: Notice: 6: Got connection 137.138.152.217 at Wed Jan 5 11:27:44 2005 Failed reading length 0 GSS authentication failure globus_gss_assist token :3: read failure: Connection closed Failure: GSS failed Major:01090000 Minor:00000000 Token:00000003 Failure: GSS failed Major:01090000 Minor:00000000 Token:00000003 I explicitly allowed access for 137.138.152.217 through our firewall, and I manually updated the CRLs. What can be done about these problems? Thanks in advance, Emanouil Atanassov BG01-IPP site administrator [log in to unmask]