Monday, April 28, 2008

Using an existing Certificate Authority (CA) within Globus

Question:

Hi Dan,

I was wondering if there was any support for using existing
authentication sources with the PHGRID. I am interested in using the
University of Washington's Kerberos and Shibboleth services to
authenticate against PHGRID services.

Answer:
Yes, Globus can be configured to trust X.509 certificates issued by a third-party CA. This is accomplished by copying the third-party CA's certificate hash file and signing policy file to the /etc/grid-security/certificates directory.

Example Hash Files:
31f15ec4.0
31f15ec4.signing_policy

Note: The certificate hash is obtained by running the following command:
$GLOBUS_LOCATION/bin/openssl x509 -hash -noout < ca_certificate_file

The certificate's distinguished name must match the pattern found in the signing policy file.
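
The distinguished-name check described above, as an added example that is not part of the original post or Globus code. It assumes the usual signing_policy layout (access_id_CA, pos_rights, cond_subjects) with "*" as the only wildcard and case-sensitive matching; the CA and subject names are constructed.

```python
import re

# Constructed sample policy (hypothetical CA), in the assumed signing_policy layout.
SAMPLE_POLICY = """\
# constructed example CA
access_id_CA   X509    '/C=US/O=Example University/CN=Example CA'
pos_rights     globus  CA:sign
cond_subjects  globus  '"/C=US/O=Example University/*" "/DC=org/DC=example/*"'
"""

def parse_signing_policy(text):
    """Return (ca_dn, can_sign, subject_patterns) from signing_policy text."""
    ca_dn, can_sign, patterns = None, False, []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 2)          # keyword, type, value
        if len(parts) < 3:
            continue
        key, _kind, value = parts
        value = value.strip().strip("'")
        if key == "access_id_CA":
            ca_dn = value
        elif key == "pos_rights":
            can_sign = value == "CA:sign"
        elif key == "cond_subjects":
            # Patterns are double-quoted inside the single-quoted value.
            patterns = re.findall(r'"([^"]*)"', value) or [value]
    return ca_dn, can_sign, patterns

def dn_allowed(subject_dn, patterns):
    """True if the subject DN matches any pattern; only '*' is a wildcard."""
    for pattern in patterns:
        regex = ".*".join(re.escape(part) for part in pattern.split("*"))
        if re.fullmatch(regex, subject_dn):
            return True
    return False

def policy_accepts(policy_text, issuer_dn, subject_dn):
    """A certificate passes only if the policy names its issuer, grants
    CA:sign, and the subject DN falls inside the CA's allowed namespace."""
    ca_dn, can_sign, patterns = parse_signing_policy(policy_text)
    return ca_dn == issuer_dn and can_sign and dn_allowed(subject_dn, patterns)

if __name__ == "__main__":
    ca = "/C=US/O=Example University/CN=Example CA"
    for dn in ("/C=US/O=Example University/OU=People/CN=Alice",
               "/C=US/O=Other Org/CN=Bob"):
        print(dn, "->", policy_accepts(SAMPLE_POLICY, ca, dn))
```

A subject outside the listed namespaces is rejected even when the CA's signature is valid, which is what keeps a newly trusted third-party CA from vouching for identities in another organization's namespace.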
