The CAHash.0 file should be available from your CA. It is their
public certificate. They will have that available for you even if
they don't provide a setup package.
Charles
On Jul 18, 2008, at 11:21 AM, Omer Jilani wrote:
Hi Charles,
thanks for your reply.
I understand that and i've already done that. My concern is how do i
make the CAHash.0 file.
All i have is the usercert and userkey from the CA. Does putting the
encryption of userkey in CAHash.0 is the right way?
sorry i'm a newbie, so the basic questions. Appreciate your help.
- omer
> CC: [email protected]
> From: [EMAIL PROTECTED]
> To: [EMAIL PROTECTED]
> Subject: Re: [gt-user] certificate configuration problem
> Date: Fri, 18 Jul 2008 10:42:24 -0500
>
> You might be interested in:
>
http://www.globus.org/toolkit/docs/4.0/security/prewsaa/Pre_WS_AA_Public_Interfaces.html#id2528598
> and
>
http://www.globus.org/toolkit/docs/4.0/security/prewsaa/user-index.html#s-prewsaa-user-troubleshooting
>
> To get your local CA trusted, you need a .0 and a .signing_policy
> file. If they don't have a signing policy, one of those two links
has
> a pointer to how to write your own. The easiest test on your local
> machine of whether you have it setup right or not is to run grid-
proxy-
> init -verify -debug.
>
>
> Charles
>
> On Jul 18, 2008, at 9:05 AM, Omer Jilani wrote:
>
> > Hi all,
> >
> > I'm facing a problem.
> > I was working with simpleCA certificates untill I got the
> > certificate from the local CA.
> >
> > using globus-url-copy i found that the configuration in the /etc/
> > grid-security/certificates was mapped on the the simpleCAHash and
> > not to my newHash,
> > so i changed the simpleCAHash to newHash for the config files and
> > changed the signing_policy according to the new certificate.
> >
> > But now it gives me the error of bad encrypt, which is
> > understandable since the encrypt in the simpleCAHash.0 is
different
> > when i changed it to newHash.0.
> > Does anyone how to get the correct encrypt for my new user
> > certificates that i can place in /etc/grid-security/certificates/
> > newHash.0 ?
> >
> > My CA (NGS/ECDF) does not provide any package to configure the
etc/
> > grid-security/certificates.
> >
> > Also when i use openssl to get the hash from the user
certificates,
> > it gives me a different hash than the one globus-url-copy
complains
> > about?
> >
> > I'm kinda stuck here. Any help is highly appreciated.
> >
> >
> > Discover the new Windows Vista Learn more!
>
Connect to the next generation of MSN Messenger Get it now!
