hpc:othernotes
This is an old revision of the document!
Other Notes
Grid Certificates, Robotic Certificates
Using encoded tarballs
If given an encoded tarball use the following command
openssl aes-256-cbc -d -in filename.tgz.enc | tar zxf -
In the case of a Robotic Certificate, a password on the key will stop programs which use it so the password must be removed. Just use:
openssl x509 -in password-keyfile.pem -out passwordless-keyfile.pem
It will ask for the password on the old file, and you can skip entering one for the new file. You may also need to change x509 to rsa or whichever protocol is being used.
I've typically had to update the local copy of our CA certificate folder by grabbing the one at CERN:
lxplus.cern.ch:/etc/grid-security/certificates
and copying it locally. Otherwise you get errors from voms-proxy-init.
To test the robotic key/cert you can do the following:
voms-proxy-init --cert </path/to/cert.pem> --key </path/to/key.pem> --certdir </path/to/certificates> -verify
hpc/othernotes.1421350086.txt.gz · Last modified: 2015/01/15 19:28 by jchilders