create and use a service certificate for oasis cron job

Notes

cosg16:marki:marki> openssl x509 -in /etc/grid-security/hostcert.pem -subject -issuer -dates -noout
subject= /DC=org/DC=opensciencegrid/O=Open Science Grid/OU=Services/CN=scosg16.jlab.org
issuer= /DC=org/DC=cilogon/C=US/O=CILogon/CN=CILogon OSG CA 1
notBefore=Mar 21 17:36:19 2017 GMT
notAfter=Apr 20 17:41:19 2018 GMT

 

 

Advertisements

OpenShop Certificates at JLab for the SRM

On May 14 Richard added new host certificates to the appropriate directory under /apps/osg to account for some of the SRM server hosts at UConn licensed under “OpenShop”, his private label. Those will be changed in the future to refer to DigiCert as is more standard.

This was causing intermittent failures that depended on the number of files requested. If more than about 20 were in an SRM requested then it was likely that one of the untrusted servers would be involved and the transfer would bomb on the client side with no trace on the server except for a log entry indicating that the client had “canceled” the request.

installing an external ssl certificate on local box

Under Fedora 16.