Hi Daniela, let's look at the current XML for DZERO (yes, it makes my
eyes hurt too).
<VOMSServers>
<VOMS_Server HttpsPort="8443" VomsesPort="15002"
IsVomsAdminServer="1"
MembersListUrl="https://voms.fnal.gov:8443/voms/dzero/services/VOMSAdmin?method=listMembers">
<hostname>voms.fnal.gov</hostname>
<X509Cert>
<DN>/DC=com/DC=DigiCert-Grid/O=Open Science
Grid/OU=Services/CN=voms.fnal.gov</DN>
<CA_DN>/DC=com/DC=DigiCert-Grid/O=DigiCert Grid/CN=DigiCert Grid
CA-1</CA_DN>
<X509PublicKey>-----BEGIN CERTIFICATE----- ...
</X509PublicKey>
</X509Cert>
</VOMS_Server>
</VOMSServers>
For the VOMs Server at voms.fnal.gov, the present DN and CA_DN are :
----------------------------
/DC=com/DC=DigiCert-Grid/O=Open Science Grid/OU=Services/CN=voms.fnal.gov
/DC=com/DC=DigiCert-Grid/O=DigiCert Grid/CN=DigiCert Grid CA-1
----------------------------
Last week, the same settings were:
----------------------------
/DC=org/DC=doegrids/OU=Services/CN=http/voms.fnal.gov
/DC=org/DC=DOEGrids/OU=Certificate Authorities/CN=DOEGrids CA 1
----------------------------
That means it's all different, AFAICS. How say you?
Steve
On 01/14/2014 12:33 PM, Daniela Bauer wrote:
> Hi Steve,
>
> that can't be right. I'm pretty sure the DOE has given issuing
> certificates and if I check teh operations portal for e.g. dzero I
> get:
>
> Host :
>
> voms.fnal.gov
>
> List members url :
>
> https://voms.fnal.gov:8443/voms/dzero/services/VOMSAdmin?method=listMembers
>
> DN :
>
> /DC=com/DC=DigiCert-Grid/O=Open Science Grid/OU=Services/CN=voms.fnal.gov
>
> CA_DN :
>
> /DC=com/DC=DigiCert-Grid/O=DigiCert Grid/CN=DigiCert Grid CA-1
>
> so I think your VOMS_CA_DNs are switched around.
>
> Cheers,
> Daniela
>
> On 14 January 2014 12:29, Stephen Jones <[log in to unmask]> wrote:
>> All,
>>
>> as discussed at the ops meeting, there have been changes to: CDF, DZERO, ILC
>>
>> The full changes can be picked up from
>> https://www.gridpp.ac.uk/wiki/GridPP_approved_VOs
>>
>> Steve
>>
>> Summary of changes
>> *********************
>>
>> In all cases, the records for the server at voms.fnal.gov have changed from:
>>
>> VOMSES=" ... 'cdf voms.fnal.gov 15020
>> /DC=org/DC=doegrids/OU=Services/CN=http/voms.fnal.gov cdf' "
>> VOMS_CA_DN=" ... '/DC=com/DC=DigiCert-Grid/O=DigiCert Grid/CN=DigiCert Grid
>> CA-1' "
>>
>> to
>>
>> VOMSES=" ... 'cdf voms.fnal.gov 15020 /DC=com/DC=DigiCert-Grid/O=Open
>> Science Grid/OU=Services/CN=voms.fnal.gov cdf' "
>> VOMS_CA_DN=" ... '/DC=org/DC=DOEGrids/OU=Certificate Authorities/CN=DOEGrids
>> CA 1' "
>>
>> --
>> Steve Jones [log in to unmask]
>> System Administrator office: 220
>> High Energy Physics Division tel (int): 42334
>> Oliver Lodge Laboratory tel (ext): +44 (0)151 794 2334
>> University of Liverpool http://www.liv.ac.uk/physics/hep/
>
>
--
Steve Jones [log in to unmask]
System Administrator office: 220
High Energy Physics Division tel (int): 42334
Oliver Lodge Laboratory tel (ext): +44 (0)151 794 2334
University of Liverpool http://www.liv.ac.uk/physics/hep/
|