TWiki> LHCb Web>LHCbOnline>Certificates (2008-02-08, RaduStoica) EditAttachPDF
Location of certification lists that have to be updated daily: 
/afs/cern.ch/lhcb/distribution/production_tools/grid-security.tar.gz

Directory structure for host GRID certificates: 

[root@store02 grid-security]# ll /etc/grid-security
drwxr-xr-x  2 root root 20480 Feb  8 11:57 certificates
-rw-r--r--  1 root root  2435 Feb  8 12:05 hostcert.pem
-r--------  1 root root   887 Feb  7 15:29 hostkey.pem

Commands to generate certificates: 

openssl pkcs12 -export -inkey privkey.pem -in newcert.cer -out myCertificate.pks
openssl pkcs12 -in myCertificate.pks -out /etc/grid-security/hostcert.pem -clcerts -nokeys

privkey.pem is the hostkey.pem file. Should be owned by root with 400 access.

Certification help page at CERN: http://ca.cern.ch

Machines with host certificates:

  • store02 (rundb01)

-- RaduStoica - 08 Feb 2008

Edit | Attach | Watch | Print version | History: r1 | Backlinks | Raw View | WYSIWYG | More topic actions
Topic revision: r1 - 2008-02-08 - RaduStoica
 
    • Cern Search Icon Cern Search
    • TWiki Search Icon TWiki Search
    • Google Search Icon Google Search

    LHCb All webs login

This site is powered by the TWiki collaboration platform Powered by PerlCopyright &© 2008-2021 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
or Ideas, requests, problems regarding TWiki? use Discourse or Send feedback