Using a SimpleCA:
A SimpleCA can be created by running the following command:
- $GLOBUS_LOCATION/setup/globus/setup-simple-ca
This command will generate the file, globus_simple_ca_hash_setup-0.19.tar.gz in the ~/.globus/simpleCA directory. This file needs to be distributed to each grid node that will be using the new SimpleCA. Each node will need to run the following commands in order to recognize the new SimpleCA:
- $GLOBUS_LOCATION/sbin/gpt-build globus_simple_ca_hash_setup-0.19.tar.gz
- $GLOBUS_LOCATION/sbin/gpt-postinstall
- $GLOBUS_LOCATION/setup/globus_simple_ca_hash_setup/setup-gsi
You may request host and user certificates from the new SimpleCA after running the above commands.
Post Glossary:
Certificate - A public key and information about the certificate owner bound together by the
digital signature of a CA. In the case of a CA certificate the certificate is self signed,
i.e. it was signed using its own private key.
Certificate Authority - An entity that issues certificates.
Host certificate - A certificate belonging to a host. (I.E, grid node) Host certificates are typically stored in the /etc/grid-security/hostcert.pem file.
SimpleCA - Simple Certificate Authority
Trusted CA – CA trusted by the grid node. Trusted CA's are found in the /etc/grid-security/certificates directory.
User certificate – A certificate belonging to a user. (I.E, Globus, Bubba, Jenny, Forest) User certificates are typically stored in the $HOME/.globus/usercert.pem file.
No comments:
Post a Comment