Hi Charles, thanks for your reply. I understand that and i've already done that. My concern is how do i make the CAHash.0 file. All i have is the usercert and userkey from the CA. Does putting the encryption of userkey in CAHash.0 is the right way? sorry i'm a newbie, so the basic questions. Appreciate your help.
- omer > CC: [email protected] > From: [EMAIL PROTECTED] > To: [EMAIL PROTECTED] > Subject: Re: [gt-user] certificate configuration problem > Date: Fri, 18 Jul 2008 10:42:24 -0500 > > You might be interested in: > http://www.globus.org/toolkit/docs/4.0/security/prewsaa/Pre_WS_AA_Public_Interfaces.html#id2528598 > and > http://www.globus.org/toolkit/docs/4.0/security/prewsaa/user-index.html#s-prewsaa-user-troubleshooting > > To get your local CA trusted, you need a .0 and a .signing_policy > file. If they don't have a signing policy, one of those two links has > a pointer to how to write your own. The easiest test on your local > machine of whether you have it setup right or not is to run grid-proxy- > init -verify -debug. > > > Charles > > On Jul 18, 2008, at 9:05 AM, Omer Jilani wrote: > > > Hi all, > > > > I'm facing a problem. > > I was working with simpleCA certificates untill I got the > > certificate from the local CA. > > > > using globus-url-copy i found that the configuration in the /etc/ > > grid-security/certificates was mapped on the the simpleCAHash and > > not to my newHash, > > so i changed the simpleCAHash to newHash for the config files and > > changed the signing_policy according to the new certificate. > > > > But now it gives me the error of bad encrypt, which is > > understandable since the encrypt in the simpleCAHash.0 is different > > when i changed it to newHash.0. > > Does anyone how to get the correct encrypt for my new user > > certificates that i can place in /etc/grid-security/certificates/ > > newHash.0 ? > > > > My CA (NGS/ECDF) does not provide any package to configure the etc/ > > grid-security/certificates. > > > > Also when i use openssl to get the hash from the user certificates, > > it gives me a different hash than the one globus-url-copy complains > > about? > > > > I'm kinda stuck here. Any help is highly appreciated. > > > > > > Discover the new Windows Vista Learn more! > _________________________________________________________________ Connect to the next generation of MSN Messenger http://imagine-msn.com/messenger/launch80/default.aspx?locale=en-us&source=wlmailtagline
