Hi Remi,
You were right. I forgot the CN in my automatic patch.
Thanks for the prompt answer. Sometimes, we just look and look... and
don't see the obvious...
Goncalo
Remi Mollon wrote:
> Hi Goncalo,
>
> Actually the DN of lcg-voms.cern.ch *AND* voms.cern.ch are incorrect !
>
> The DN for lcg-voms.cern.ch is :
> /DC=ch/DC=cern/OU=computers/CN=lcg-voms.cern.ch
> and the one for voms.cern.ch is :
> /DC=ch/DC=cern/OU=computers/CN=voms.cern.ch
>
> *with* "CN=" before the hostname.
>
> The fact that it worked for voms.cern.ch propably means that someone
> or something has modified the files after you.
> So, just modify again the files with the correct DNs and it should work.
>
> Cheers,
> Remi.
>
>
> Gonçalo Borges wrote:
>> Hi All,
>>
>> After the first EGEE broadcast (a few days ago) I updated our cluster
>> with the new lcg-voms rpm
>>
>> [goncalo@ui01 goncalo]$ rpm -qa | grep lcg-vomscerts
>> lcg-vomscerts-4.5.0-1
>>
>> Then, I updated the "/opt/edg/etc/vomses/dteam-lcg-voms.cern.ch" and
>> "/opt/glite/etc/vomses/dteam-lcg-voms.cern.ch" files with the proper DNs
>>
>> [goncalo@ui01 goncalo]$ cat /opt/glite/etc/vomses/dteam-lcg-voms.cern.ch
>> "dteam" "lcg-voms.cern.ch" "15004"
>> "/DC=ch/DC=cern/OU=computers/lcg-voms.cern.ch" "dteam"
>> [goncalo@ui01 goncalo]$ cat /opt/edg/etc/vomses/dteam-lcg-voms.cern.ch
>> "dteam" "lcg-voms.cern.ch" "15004"
>> "/DC=ch/DC=cern/OU=computers/lcg-voms.cern.ch" "dteam"
>>
>> Aftet that, and as warned, I was able to start proxies via
>> "voms.cern.ch" but not via "lcg-voms.cern.ch".
>>
>> Today, I tried again, and I was expecting to be able to start proxies
>> via "lcg-voms.cern.ch". However, I'm not able to do it via
>> "lcg-voms.cern.ch" nor "voms.cern.ch"
>>
>> ##############
>> [goncalo@ui01 goncalo]$ voms-proxy-init --debug -voms dteam
>> Detected Globus version: 22
>> Unspecified proxy version, settling on Globus version: 2
>> Number of bits in key :512
>> Using configuration file /home/csys/goncalo/.edg/vomses
>> Using configuration directory /opt/edg/etc/vomses
>> Files being used:
>> CA certificate file: none
>> Trusted certificates directory : /etc/grid-security/certificates
>> Proxy certificate file : /tmp/x509up_u266
>> User certificate file: /home/csys/goncalo/.globus/usercert.pem
>> User key file: /home/csys/goncalo/.globus/userkey.pem
>> Output to /tmp/x509up_u266
>> Your identity: /C=PT/O=LIPCA/O=LIP/OU=Lisboa/CN=Goncalo Borges
>> Enter GRID pass phrase:
>> Creating temporary proxy to /tmp/tmp_x509up_u266_22646 ..++++++++++++
>> ................++++++++++++
>> Done
>> Contacting lcg-voms.cern.ch:15004
>> [/DC=ch/DC=cern/OU=computers/lcg-voms.cern.ch] "dteam" Error:
>> VERR_COMM Failed.
>> Trying next server for dteam.
>> Creating temporary proxy to /tmp/tmp_x509up_u266_22646
>> ...............................++++++++++++
>> ......++++++++++++
>> Done
>> Contacting voms.cern.ch:15004
>> [/DC=ch/DC=cern/OU=computers/voms.cern.ch] "dteam" Error: VERR_COMM
>> Failed.
>> Failed to contact servers for dteam.
>> #################
>>
>> I think I did everything as requested. I'm I missing something? Can
>> someone check what going wrong?
>>
>>
>> Thanks in advance
>> Best Regards
>> Goncalo Borges
>
|