User Tools

Site Tools


Other Notes

Grid Certificates, Robotic Certificates

Using encoded tarballs

If given an encoded tarball use the following command

openssl aes-256-cbc -d -in filename.tgz.enc | tar zxf -

Removing a password

In the case of a Robotic Certificate, a password on the key will stop programs which use it so the password must be removed. Just use:

openssl rsa -in password-keyfile.pem -out passwordless-keyfile.pem

It will ask for the password on the old file, and you can skip entering one for the new file.

  • openssl x509 is for pem-formatted certificates
  • openssl rsa is for key files

Updating certificates CA directory

I've typically had to update the local copy of our CA certificate folder by grabbing the one at CERN: and copying it locally. Otherwise you get errors from voms-proxy-init.

Testing Success

To test the robotic key/cert you can do the following:

voms-proxy-init --cert </path/to/cert.pem> --key </path/to/key.pem> --certdir </path/to/certificates> -verify
hpc/othernotes.txt · Last modified: 2015/01/15 19:31 by jchilders