CoEPP RC
 

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
grid:cern_certificates [2016/09/19 09:49]
lucien [Register your new certificate with your ATLAS VOMS account]
grid:cern_certificates [2016/09/22 12:39]
lucien
Line 29: Line 29:
 </​code>​ </​code>​
   - convert/​export your private key file making sure you use a secure password (you can repeat the password you entered when exporting it from your browser) In the example below I repeated my secure password three times, once to "​unlock"​ the p12 file, once the set the new password and once to verify the new password:<​code>​   - convert/​export your private key file making sure you use a secure password (you can repeat the password you entered when exporting it from your browser) In the example below I repeated my secure password three times, once to "​unlock"​ the p12 file, once the set the new password and once to verify the new password:<​code>​
-bash$ openssl pkcs12 -nocerts -in usercert.p12 -out userkey2.pem+bash$ openssl pkcs12 -nocerts -in usercert.p12 -out userkey.pem
 Enter Import Password: Enter Import Password:
 MAC verified OK MAC verified OK
Line 36: Line 36:
 </​code>​ </​code>​
   - convert/​export your certificate file, note that this new file does not need a password added since it isn't a private component, however the command does require you to enter your secure password that you used to export the pkcs12 file from your browser:<​code>​   - convert/​export your certificate file, note that this new file does not need a password added since it isn't a private component, however the command does require you to enter your secure password that you used to export the pkcs12 file from your browser:<​code>​
-bash$ openssl pkcs12 -clcerts -nokeys -in usercert.p12 -out usercert2.pem+bash$ openssl pkcs12 -clcerts -nokeys -in usercert.p12 -out usercert.pem
 Enter Import Password: Enter Import Password:
 MAC verified OK MAC verified OK
Line 43: Line 43:
 bash$ ls -l user* bash$ ls -l user*
 -rw-r--r--@ 1 lucien ​ staff   8248 16 Sep 15:43 usercert.p12 -rw-r--r--@ 1 lucien ​ staff   8248 16 Sep 15:43 usercert.p12
--rw-r--r-- ​ 1 lucien ​ staff   3338 19 Sep 09:38 usercert2.pem +-rw-r--r-- ​ 1 lucien ​ staff   3338 19 Sep 09:38 usercert.pem 
--rw-r--r-- ​ 1 lucien ​ staff   1875 19 Sep 09:33 userkey2.pem+-rw-r--r-- ​ 1 lucien ​ staff   1875 19 Sep 09:33 userkey.pem
 </​code>​ </​code>​
   - you can now copy these onto the UI into your ~/.globus directory and use them for the step below to add to your ATLAS VOMS account.   - you can now copy these onto the UI into your ~/.globus directory and use them for the step below to add to your ATLAS VOMS account.
Line 53: Line 53:
   - In the "​Certificates"​ section, click on "Add an additional certificate"​   - In the "​Certificates"​ section, click on "Add an additional certificate"​
     * {{:​grid:​ca_cern_voms_add_certificate.png?​direct&​600|}}     * {{:​grid:​ca_cern_voms_add_certificate.png?​direct&​600|}}
-  - On this page, click on the "​Choose File" button in the "​Certificate File" section. Use the selection dialog box to find your "userkey.pem" file created in the previous section. This will correctly recover your certificates DN (distinguished name) for the request.+  - On this page, click on the "​Choose File" button in the "​Certificate File" section. Use the selection dialog box to find your "usercert.pem" file created in the previous section. This will correctly recover your certificates DN (distinguished name) for the request.
   - leaving the "Or enter a Subject, CA couple"​ section blank, click on the "​Request certificate"​   - leaving the "Or enter a Subject, CA couple"​ section blank, click on the "​Request certificate"​
     * {{:​grid:​ca_cern_voms_select_file.png?​direct&​600|}}     * {{:​grid:​ca_cern_voms_select_file.png?​direct&​600|}}
   - In a day or so this will be approved by an ATLAS VOMS admin and your new certificate will be ready to use.    - In a day or so this will be approved by an ATLAS VOMS admin and your new certificate will be ready to use. 
grid/cern_certificates.txt · Last modified: 2016/09/22 12:39 by lucien
 
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
Recent changes RSS feed Donate Powered by PHP Valid XHTML 1.0 Valid CSS Driven by DokuWiki