sl6.9 is an odd release. it's half way to 7, or something. it's not
typical.
Try sl6.4
Ste
On 2017-11-29 16:38, Jensen, Jens (STFC,RAL,SC) wrote:
> Just to follow up on this, I happened to be in a call with Mischa from
> NIKHEF earlier today and we took some time after the call to discuss
> this peculiar problem. Mischa says he can replicate the problem -
> although he is not a member of a GridPP-hosted VO, he can contact the
> VOMS server and trigger the error in the client.
>
> It seems to be due to an ancient BouncyCastle library (1.46) on SL6, as
> Steve also mentioned in the call this morning.
>
> Unfortunately Mischa says it's not possible to backport a working BC
> library because they make a lot of incompatible changes between
> releases.
>
> Curiously, I just set up an SL6 (6.9) box in the cloud and I cannot
> replicate the error. What am I missing? This is using Java 1.7.0 and
> UMD3.
>
> [jj47@vm102 ~]$ rpm -qa|grep igtf
> ca_policy_igtf-iota-1.88-1.noarch
> ca_policy_igtf-slcs-1.88-1.noarch
> ca_policy_igtf-classic-1.88-1.noarch
> ca_policy_igtf-mics-1.88-1.noarch
> [jj47@vm102 ~]$ rpm -qa|grep bouncy
> bouncycastle-1.46-1.el6.noarch
> bouncycastle-mail-1.46-2.el6.noarch
> [jj47@vm102 ~]$ voms-proxy-destroy
> [jj47@vm102 ~]$ voms-proxy-init3 -voms gridpp -vomses
> /etc/vomses/gridpp-voms02.gridpp.ac.uk
> Enter GRID pass phrase for this identity:
> Contacting voms02.gridpp.ac.uk:15000
> [/C=UK/O=eScience/OU=Oxford/L=OeSC/CN=voms02.gridpp.ac.uk] "gridpp"...
> Remote VOMS server contacted succesfully.
>
>
> Created proxy in /tmp/x509up_u500.
>
> Your proxy is valid until Thu Nov 30 04:24:25 GMT 2017
> [jj47@vm102 ~]$ voms-proxy-destroy
> [jj47@vm102 ~]$ voms-proxy-init3 -voms gridpp -vomses
> /etc/vomses/gridpp-voms.gridpp.ac.uk
> Enter GRID pass phrase for this identity:
> Contacting voms.gridpp.ac.uk:15000
> [/C=UK/O=eScience/OU=Manchester/L=HEP/CN=voms.gridpp.ac.uk] "gridpp"...
> Remote VOMS server contacted succesfully.
>
>
> Created proxy in /tmp/x509up_u500.
>
> Your proxy is valid until Thu Nov 30 04:24:52 GMT 2017
> [jj47@vm102 ~]$ voms-proxy-destroy
> [jj47@vm102 ~]$ voms-proxy-init3 -voms gridpp -vomses
> /etc/vomses/gridpp-voms03.gridpp.ac.uk
> Enter GRID pass phrase for this identity:
> Contacting voms03.gridpp.ac.uk:15000
> [/C=UK/O=eScience/OU=Imperial/L=Physics/CN=voms03.gridpp.ac.uk]
> "gridpp"...
> Remote VOMS server contacted succesfully.
>
>
> Created proxy in /tmp/x509up_u500.
>
> Your proxy is valid until Thu Nov 30 04:29:27 GMT 2017
>
> [jj47@vm102 ~]$ voms-proxy-info -all
> subject : /C=UK/O=eScience/OU=CLRC/L=RAL/CN=jens sha2
> jensen/CN=198921768
> issuer : /C=UK/O=eScience/OU=CLRC/L=RAL/CN=jens sha2 jensen
> identity : /C=UK/O=eScience/OU=CLRC/L=RAL/CN=jens sha2 jensen
> type : RFC3820 compliant impersonation proxy
> strength : 1024
> path : /tmp/x509up_u500
> timeleft : 11:53:48
> key usage : Digital Signature, Key Encipherment, Data Encipherment
> === VO gridpp extension information ===
> VO : gridpp
> subject : /C=UK/O=eScience/OU=CLRC/L=RAL/CN=jens sha2 jensen
> issuer :
> /C=UK/O=eScience/OU=Imperial/L=Physics/CN=voms03.gridpp.ac.uk
> attribute : /gridpp/Role=NULL/Capability=NULL
> timeleft : 11:53:48
> uri : voms03.gridpp.ac.uk:15000
|