Changes between Version 3 and Version 4 of installation_GridFTP

Show
Ignore:
Timestamp:
05/16/11 14:49:01 (10 years ago)
Author:
bartek
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • installation_GridFTP

    v3 v4  
    123123}}} 
    124124}}} 
    125 * "name pattern" is a string used to match the distinguished names of certificates granted by the given CA. Usually, it is a CA name with common name replaced by wild card '*', e.g.: 
    126  
     125* "Name patternX" is a string used to match the distinguished names of certificates granted by the given CA. Usually, it is a CA name with common name replaced by wild card '*', e.g.: 
     126{{{ 
     127#!div style="font-size: 90%" 
     128{{{#!default 
    127129  "/C=PL/O=GRID/CN=Polish Grid CA" -> '"/C=PL/O=GRID/*"' 
    128  
    129 : it accepts "C=PL/O=GRID/OU=PSNC/CN=Bogdan Ludwiczak", but it rejects "O=GRID/OU=PSNC/CN=Bogdan Ludwiczak" '"*"' pattern accepts all certificates. 
     130}}} 
     131}}} 
     132  it accepts "C=PL/O=GRID/OU=PSNC/CN=Bogdan Ludwiczak", but it rejects "O=GRID/OU=PSNC/CN=Bogdan Ludwiczak". '"*"' pattern accepts all certificates. 
     133 
    130134* Configure appropriate default values for use by the grid-cert-request command which is used to generate certificates requests. The following files have to be properly configured to enable Globus tools to generate valid certificate requests: 
    131 <code>/etc/grid-security/globus-user-ssl.conf</code> - defines the distinguished name to use for a user's certificate request. 
    132 <code>/etc/grid-security/globus-host-ssl.conf</code> - defines the distinguished name for a host and service certificate request. 
    133 <code>/etc/grid-security/grid-security.conf</code> - is a main configuration file that contains the name and email address for the given CA. 
    134  
    135 These files are usually provided by the CA, particularly [[QosCosGrid CA]] or [http://www.man.poznan.pl/plgrid-ca/ PL-Grid] does provides these files. Typically, CA configuration files are placed in <code>/etc/grid-security/certificates/</code> directory with additional extension .CA_hash_name and only appropriate symbolic links are created in /etc/grid-security/. Globus Toolkit provides grid-default-ca command which can be used to automatically create appropriate links. 
     135 * `/etc/grid-security/globus-user-ssl.conf` - defines the distinguished name to use for a user's certificate request. 
     136 * `/etc/grid-security/globus-host-ssl.conf` - defines the distinguished name for a host and service certificate request. 
     137 * `/etc/grid-security/grid-security.conf` - is a main configuration file that contains the name and email address for the given CA. 
     138 
     139 These files are usually provided by the CA, particularly [[QosCosGrid CA]] or [http://www.man.poznan.pl/plgrid-ca/ PL-Grid] does provides these files. Typically, CA configuration files are placed in <code>/etc/grid-security/certificates/</code> directory with additional extension .CA_hash_name and only appropriate symbolic links are created in /etc/grid-security/. Globus Toolkit provides grid-default-ca command which can be used to automatically create appropriate links. 
    136140 
    137141== Requesting host and user X.509 certificates ==