 |
 |
Hi, yes, I am using Chrome on Windows (will try FF on Linux later) with the os key store. Can anyone point me to the official reference for this issue, or post it here please? https://cern.service-now.com/service-portal/view-incident.do?n=INC1520340 Seem the CERN voms people don't know what I am talking about. Thanks, Simon ________________________________ From: Testbed Support for GridPP member institutes <[log in to unmask]> on behalf of Moore, Darren (STFC,RAL,SC) <[log in to unmask]> Sent: 30 November 2017 10:36 To: [log in to unmask] Subject: Re: I cannot connect to lcg-voms2.cern.ch - can anyone else? Just a thought...if memory serves (and depending on you OS - I'm thinking Windows here), Firefox by default uses its own key store rather than the system one. On that premise you might want to check which cert you are updating and confirm where you are actually getting your cert from. D. -----Original Message----- From: Testbed Support for GridPP member institutes [mailto:[log in to unmask]] On Behalf Of Robert Frank Sent: 30 November 2017 10:28 To: [log in to unmask] Subject: Re: I cannot connect to lcg-voms2.cern.ch - can anyone else? Hmm, it was certainly working when I tried it in my Firefox. You could try to delete all eScience certificates from the Authorities list, then the browser should only send your certificate and not the whole chain and therefore shouldn't trigger the bug. I've had problems in the past with Firefox that deleted CA certificates reappeared after closing and reopening the dialog box. You should check that they really are deleted. If they are gone and you can access to the Cern VOMS server works then you can try to import the new CA certificate again. Alternatively, if you're in a hurry and have Firefox you could try to create a new profile (firefox -no-remote -P) to start with a clean slate and sort out your default profile later. Cheers, Robert On 30/11/17 10:01, George, Simon wrote: > Thanks Robert. > > I tried updating the 2B certificate but it didn't seem to help. > > I have some role requests to approve so if anyone knows the solution to this I would really appreciate your help. > > > ________________________________ > From: Testbed Support for GridPP member institutes <[log in to unmask]> on behalf of Robert Frank <[log in to unmask]> > Sent: 30 November 2017 08:10 > To: [log in to unmask] > Subject: Re: I cannot connect to lcg-voms2.cern.ch - can anyone else? > > Hi Simon, > > yes, this is caused by the trust anchors 1.88 issue. If you delete the old 2B CA from your browser and import the new one then you will be able to access the CERN VOMS servers again. But this might also prevent you from accessing other services that still use the 1.87 release (if they are java services that use bouncycastle on SL6x, eg the gridpp voms server). > > Cheers, > Robert > > On 29/11/17 19:56, George, Simon wrote: >> Hi, >> >> today when trying to connect to https://lcg-voms2.cern.ch:8443/voms/atlas I get ERR_CONNECTION_CLOSED. >> >> Is it just me? Can anyone else access it? >> >> Is this by any chance related to the >> >> I have tried Firefox & Chrome on Windows 10 & SLC6 both inside and outside of CERN. >> >> I have my certificate installed in all the browsers. >> >> Any chance it is related to the trust anchors 1.88-1 issue? >> >> Thanks, >> >> Simon >> >> >> >