Researched the possibility of reusing existing VeriSign certificates within Globus environment
Findings:
- To generate a new VeriSign certificate, use the certificate request program within Globus and email it to VeriSign for signing.
- VeriSign certificates are x.509 compatible
- VeriSign certificates are issued in base 64 ASCII text
- Openssl can be used to convert the certificates from DER to PEM format as needed by Globus
- In order to configure VeriSign as a trusted CA, the intermediate certificate (cert_hash) needs to be downloaded from the Support Resources site and copied to the TRUSTED_CA directory of Globus
- The PKI admin will have access to the Download Resources site
VeriSign Contacts:
Bogdan Buta 650-426-3324
VeriSign Tech Support 1-800-579-2848
Posts
No comments:
Post a Comment