Modified the cond_subjects parameter of the root signing policy
Results:
The system still creates a proxy, but fails to create a proxy when the -verify switch is used.
Researching the current error message:
error: globus_ftp_client_state.c:globus_l_ftp_client_connection_error:4217:
the server responded with an error
530 530-globus_xio: Authentication Error
530-globus_gsi_callback_module: Could not verify credential
530-globus_gsi_callback_module: Error with signing policy
530-globus_gsi_callback_module: Error in OLD GAA code: CA policy violation:
530 End.
Next steps:
Try using the issuer_hash for the root and hash for the intermediate certificates.
View the CDC certificate in Portecle to make sure there are no changes in the subject lines
Test transfers between 1001 and 1003 nodes
Contact Ron Price about a possible solution. I discovered an old listserv message where he was having the same problem back in 2004.
http://www.globus.org/mail_archive/discuss/2004/02/msg00112.html
No comments:
Post a Comment