You might be interested in:
http://www.globus.org/toolkit/docs/4.0/security/prewsaa/Pre_WS_AA_Public_Interfaces.html#id2528598
and
http://www.globus.org/toolkit/docs/4.0/security/prewsaa/user-index.html#s-prewsaa-user-troubleshooting
To get your local CA trusted, you need a .0 and a .signing_policy
file. If they don't have a signing policy, one of those two links has
a pointer to how to write your own. The easiest test on your local
machine of whether you have it setup right or not is to run grid-proxy-
init -verify -debug.
Charles
On Jul 18, 2008, at 9:05 AM, Omer Jilani wrote:
Hi all,
I'm facing a problem.
I was working with simpleCA certificates untill I got the
certificate from the local CA.
using globus-url-copy i found that the configuration in the /etc/
grid-security/certificates was mapped on the the simpleCAHash and
not to my newHash,
so i changed the simpleCAHash to newHash for the config files and
changed the signing_policy according to the new certificate.
But now it gives me the error of bad encrypt, which is
understandable since the encrypt in the simpleCAHash.0 is different
when i changed it to newHash.0.
Does anyone how to get the correct encrypt for my new user
certificates that i can place in /etc/grid-security/certificates/
newHash.0 ?
My CA (NGS/ECDF) does not provide any package to configure the etc/
grid-security/certificates.
Also when i use openssl to get the hash from the user certificates,
it gives me a different hash than the one globus-url-copy complains
about?
I'm kinda stuck here. Any help is highly appreciated.
Discover the new Windows Vista Learn more!
