User Tools
Sidebar
hpc:othernotes
Other Notes
Grid Certificates, Robotic Certificates
Using encoded tarballs
If given an encoded tarball use the following command
openssl aes-256-cbc -d -in filename.tgz.enc | tar zxf -
Removing a password
In the case of a Robotic Certificate, a password on the key will stop programs which use it so the password must be removed. Just use:
openssl rsa -in password-keyfile.pem -out passwordless-keyfile.pem
It will ask for the password on the old file, and you can skip entering one for the new file.
openssl x509is for pem-formatted certificatesopenssl rsais for key files
Updating certificates CA directory
I've typically had to update the local copy of our CA certificate folder by grabbing the one at CERN:
lxplus.cern.ch:/etc/grid-security/certificates
and copying it locally. Otherwise you get errors from voms-proxy-init.
Testing Success
To test the robotic key/cert you can do the following:
voms-proxy-init --cert </path/to/cert.pem> --key </path/to/key.pem> --certdir </path/to/certificates> -verify
hpc/othernotes.txt · Last modified: 2015/01/15 19:31 by jchilders
Except where otherwise noted, content on this wiki is licensed under the following license: Public Domain
