Hmm you are right, it slipped through the normal signing process - we haven't had time to develop and test code to remove the email address from the host certificates yet, much less making it optional, but I can perhaps do something manually with the VOMS cert. Robert, do you want me to create one by hand and send it to you? Would that be useful? -j On 07/02/2012 15:47, Daniela Bauer wrote: > I've already filed a ticket. I really don't understand why this cannot > be fixed, escpecially as we now have to change the lsc files anyway. > This has been known for at least a year, it's not like this suddenly > came up. EMI does not support this structure at all and I feel like an > idiot everytime I have to ask on how to deal with this. > > Daniela > > > > On 7 February 2012 15:43, Robert Frank <[log in to unmask]> wrote: >> Hi Daniela, >> >> yes, it still has the email address in the DN. I will get a new one without >> the email address once the CA allows me to do it. Jens has confirmed that >> they are working on it and that it's pretty high on their todo list. >> Hopefully, I'll be able to get a new one later this year. >> >> Cheers, >> Robert >> >> >> On 07/02/12 15:16, Daniela Bauer wrote: >>> >>> Has anybody seen this mysterious certificate and can tell me if it >>> still has the obsolete email adress in (never mind the CA change) ? >>> >>> Cheers, >>> Daniela >>> >>> ---------- Forwarded message ---------- >>> From: EGI BROADCAST<[log in to unmask]> >>> Date: 7 February 2012 14:59 >>> Subject: [ EGI BROADCAST ] Upcoming VOMS server certificate renewal >>> for voms.gridpp.ac.uk >>> To: Site administrators/UKI-LT2-IC-HEP<[log in to unmask]> >>> >>> >>> >>> --------------------------------------------------------------------------------------------------------------- >>> EGI BROADCAST TOOL : https://operations-portal.egi.eu/broadcast >>> >>> >>> --------------------------------------------------------------------------------------------------------------- >>> Publication from : robert frank<[log in to unmask]> >>> Targets : Site >>> administrators/UKI-LT2-IC-HEP<[log in to unmask]> >>> >>> ---------------------------------------------------------------------------------------------------------------- >>> >>> >>> >>> Dear site admins, >>> >>> the server certificate on voms.gridpp.ac.uk is due to expire on the 19th >>> of >>> February. The new certificate will be installed on the 14th of February >>> between 8 and 8.30 am UTC. >>> Due to the rollover of the UK eScience CA, the CA DN that signed the >>> server >>> certificate has changed to "/C=UK/O=eScienceCA/OU=Authority/CN=UK >>> e-Science >>> CA 2B". All sites supporting any VOs hosted on this server will have to >>> update their LSC files. >>> >>> Best Regards, >>> >>> Robert Frank >>> >>> >>> >>> ---------------------------------------------------------------------------------------------------------------- >>> link to this broadcast : >>> https://operations-portal.egi.eu/broadcast/archive/id/597 >>> >>> ---------------------------------------------------------------------------------------------------------------- >>> >>> >>> >> > > >