Procedure to renew certificates for VOMS nodes

Login to one of voms production nodes and generate a signed hostcert from the key. The subject should be or depending on which alias the node is a member of.

certmgr-getcert -n  -k /etc/grid-security/hostkey.pem --kinit <USER_NAME> |tee hostcert.pem

 tbag set --hg lcgvoms/service/admin/voms2 --file hostkey.pem voms_hostkey
 tbag set --hg lcgvoms/service/admin/voms2 --file hostcert.pem voms_hostcert

In this example we are renewing for an identical procedure can be done for

Puppet when it next runs will copy keys and restart the service.

Edit | Attach | Watch | Print version | History: r5 < r4 < r3 < r2 < r1 | Backlinks | Raw View | WYSIWYG | More topic actions
Topic revision: r5 - 2016-03-29 - SteveTraylen
    • Cern Search Icon Cern Search
    • TWiki Search Icon TWiki Search
    • Google Search Icon Google Search

    LCG All webs login

This site is powered by the TWiki collaboration platform Powered by PerlCopyright & 2008-2021 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
or Ideas, requests, problems regarding TWiki? use Discourse or Send feedback