Registering your new certificate with CMS VOMS

NOTE: this page is outdated as the VOMS registration/management system got updated to a new version. A new version of this page is available at: VoRegForExistingMemberNew

In order to access grid resources, you must register your new certificate with CMS VOMS. Follow the steps below.

  1. Before you register your new certificate, you should first find out about what existing roles and groups you are a member of. You will perform this step with your old certificate that is already registered in CMS VOMS. When you register your new certificate, you will make a request to join the same groups/roles. Go to Carefully make a list of all the groups/roles you have. We will use this list later when you finish registering your certificate.
  2. Before you register your new certificate, you should find out about your VO representative. This person will approve your VOMS registration and the group/roles you have in VOMS. Once you register your new certificate, you will email this person with the roles you need with your new certificate. With your old certificate loaded in your browser, Go to Select the output fields: First Name, Last Name, and Rep DN. The example below the user is Mine Altunay Cheung and her representative's DN is Tony Tiradani. For now, just make a note of who is your representative. Screen_shot_2013-02-19_at_11.34.56_AM.png
  3. Go to When your browser asks you to present your certificate, select the certificate that is already registered in the CMS VOMS (e.g., your certificate from the DOEGrids CA). Below is the screen you should be seeing (NB: in this case, the certificate that was already registered in the CMS VOMS is from the CERN CA, as shown in the red text). Screen_shot_2012-11-20_at_2.04.02_PM.png
  4. Do a search for yourself. Simply click on the Search button shown in the previous screen. You can select "is Primary" and "Status". Below is the screen you should be seeing (NB: The Member DN and Member CA should match the red text in the previous screen). Screen_shot_2012-11-20_at_2.27.00_PM.png
  5. Please enter your new DN in the "New DN" box. You should also select the CA that issued your new DN from the list of CAs. The following screen shows what end user needs to do (NB: in this case, the DN for the new certificate was issued by the DigiCerts CA, and the DigiCerts CA was selected from the drop-down menu).
  6. Click submit. VOMS-Admin needs to approve your request to add your new certificate to the VOMS.
  7. You will receive a new email when that happens.
  8. With your newly registered cert loaded in your browser, go to one more time. Unlike the screenshot in Step1, you will not have any approved groups/roles associated with this certificates. Select the group and role you want to be a member of, and then click submit button at the left bottom corner of the screen.
  9. Email your representative with the role requests you made. If your rep is Tony Tiradani, email him at tiradani AT If your rep is Patrick Gartung, email him at gartung AT
  10. Your group/role requests should be approved by the VOMS Administrator. You will receive an email when that happens. If you do not hear form the VOMS admins, then open a GGUS ticket.
Edit | Attach | Watch | Print version | History: r7 < r6 < r5 < r4 < r3 | Backlinks | Raw View | WYSIWYG | More topic actions
Topic revision: r7 - 2015-09-07 - AndreasPfeiffer
    • Cern Search Icon Cern Search
    • TWiki Search Icon TWiki Search
    • Google Search Icon Google Search

    CMSPublic All webs login

This site is powered by the TWiki collaboration platform Powered by PerlCopyright & 2008-2022 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
or Ideas, requests, problems regarding TWiki? use Discourse or Send feedback