Difference between revisions of "Renew Grid Certificate"
Jump to navigation
Jump to search
| Line 2: | Line 2: | ||
''' Advice:''' | ''' Advice:''' | ||
| + | |||
1) Try to avoid breaking your head trying to understand what all computer/grid terms mean that you encounter. | 1) Try to avoid breaking your head trying to understand what all computer/grid terms mean that you encounter. | ||
| + | |||
2) Use the same password everywhere. You need many. | 2) Use the same password everywhere. You need many. | ||
| + | |||
| + | |||
''' 1) Renewing your Grid Certificate''' | ''' 1) Renewing your Grid Certificate''' | ||
Revision as of 09:58, 10 October 2007
A shortcut through the maze you enter when you want to renew your GRID certificate and/or if you need to re-sign the ATLAS VO 'I-promise-I-will-behave-on-the-Grid' statement:
Advice:
1) Try to avoid breaking your head trying to understand what all computer/grid terms mean that you encounter.
2) Use the same password everywhere. You need many.
1) Renewing your Grid Certificate
A) http://ca.dutchgrid.nl/info/rekey.html run script dca-rekey-pack.sh
B) Upload file to Dutch CA to start request
File: $HOME/.globus/newrekeypack.txt
Web-page: http://ra.dutchgrid.nl/ra/public/submit
C) Save the certificate you get back by mail from the Dutch CA (~ 2 days) and follow instructions:
- Save mail as .globus/usercert.pem
- In .globus: mv newkey.pem userkey.pem
2) Resign the ATLAS things and Get Certificate in Browser (Mozilla)
D) Get certificate as PKCS12 format (needed by browsers)
http://lcg.web.cern.ch/LCG/users/registration/load-cert.html
In .globus:
openssl pkcs12 -export -inkey userkey.pem -in usercert.pem -out my_cert.p12 -name MyGridCertificate
E) Re-sign VO membership thingies (Grid and VO AUP ?)
https://lcg-voms.cern.ch:8443/vo/atlas/vomrs?path=/RootNode/MemberAction/ResignUsageRules&action=execute