create and use a service certificate for oasis cron job


cosg16:marki:marki> openssl x509 -in /etc/grid-security/hostcert.pem -subject -issuer -dates -noout
subject= /DC=org/DC=opensciencegrid/O=Open Science Grid/OU=Services/
issuer= /DC=org/DC=cilogon/C=US/O=CILogon/CN=CILogon OSG CA 1
notBefore=Mar 21 17:36:19 2017 GMT
notAfter=Apr 20 17:41:19 2018 GMT




OpenShop Certificates at JLab for the SRM

On May 14 Richard added new host certificates to the appropriate directory under /apps/osg to account for some of the SRM server hosts at UConn licensed under “OpenShop”, his private label. Those will be changed in the future to refer to DigiCert as is more standard.

This was causing intermittent failures that depended on the number of files requested. If more than about 20 were in an SRM requested then it was likely that one of the untrusted servers would be involved and the transfer would bomb on the client side with no trace on the server except for a log entry indicating that the client had “canceled” the request.

Meeting with Kelvin and Sherman, November 27, 2012

  • log into hallddb1 from hallgw, or login1
  • will have sudo start/stop privilege on the MySQL server
  • halldb will be an alias for the db server inside and outside, but from outside preentation will be to read-only mirror

installing an external ssl certificate on local box

Under Fedora 16.