biolocal:Robot on UI

From Wiki CEINGE

(Difference between revisions)
Jump to: navigation, search
Revision as of 16:39, 6 August 2009 (edit)
Gianluca (Talk | contribs)

← Previous diff		 Current revision (16:49, 6 August 2009) (edit) (undo)
Gianluca (Talk | contribs)

 
(3 intermediate revisions not shown.)
Line 1: Line 1:
The CEINGE User Interface provides all the tools and libraries to manage robot certificates stored on Aladdin eToken, a USB hardware key used to safely store a robot certificate with its associated private key. The CEINGE User Interface provides all the tools and libraries to manage robot certificates stored on Aladdin eToken, a USB hardware key used to safely store a robot certificate with its associated private key.
-The eToken containing the robot certificate issued by INFN for bioinformatics applications is attached to the UI server and can be used to generate proxy certificate.+The eToken, containing the INFN certificate for bioinformatics applications, is attached to the UI server and can be used to generate proxy certificate.
-Here follows the command to make a proxy certificate starting from the robot:+Here follows the command to make a proxy certificate, starting from the robot:
<pre> <pre>
[gianluca@clr55 ~]$ /opt/etoken-pro/bin/mkproxy --label="Robot: Bioinformatics Applications - Gianluca Busiello's INFN ID" --id=a75ee72542ad2716d6f21087258ba1f3142981e7 [gianluca@clr55 ~]$ /opt/etoken-pro/bin/mkproxy --label="Robot: Bioinformatics Applications - Gianluca Busiello's INFN ID" --id=a75ee72542ad2716d6f21087258ba1f3142981e7
</pre> </pre>
-Once the proxy certificate is made, it is stored in the file /tmp/x509up_u551 and information on it can be requested with the command:+Once the proxy certificate is made, it is stored in the file /tmp/x509up_u551 and information on it can be requested by using the command:
<pre> <pre>
[gianluca@clr55 ~]$ voms-proxy-info [gianluca@clr55 ~]$ voms-proxy-info
Line 32: Line 32:
It means that the proxy certificate is not initialized on the VOMS and any "attribute certificate" on the VOMS is created. To do this, use: It means that the proxy certificate is not initialized on the VOMS and any "attribute certificate" on the VOMS is created. To do this, use:
- +<pre>
[gianluca@clr55 ~]$ voms-proxy-init -noregen -voms unina.it [gianluca@clr55 ~]$ voms-proxy-init -noregen -voms unina.it
- +</pre>
Where the -noregen option force the tools to skip the proxy creation and reuse the current one. Now the proxy info is correct and complete: Where the -noregen option force the tools to skip the proxy creation and reuse the current one. Now the proxy info is correct and complete:
<pre> <pre>
- +[gianluca@clr55 ~]$ voms-proxy-info --all
 +subject : /C=IT/O=INFN/OU=Robot/L=Federico II/CN=Robot: Bioinformatics Applications - Gianluca Busiello/CN=proxy/CN=proxy
 +issuer : /C=IT/O=INFN/OU=Robot/L=Federico II/CN=Robot: Bioinformatics Applications - Gianluca Busiello/CN=proxy
 +identity : /C=IT/O=INFN/OU=Robot/L=Federico II/CN=Robot: Bioinformatics Applications - Gianluca Busiello/CN=proxy
 +type : proxy
 +strength : 1024 bits
 +path : /tmp/x509up_u551
 +timeleft : 10:17:17
 +=== VO unina.it extension information ===
 +VO : unina.it
 +subject : /C=IT/O=INFN/OU=Robot/L=Federico II/CN=Robot: Bioinformatics Applications - Gianluca Busiello
 +issuer : /C=IT/O=INFN/OU=Host/L=Federico II/CN=voms01.scope.unina.it
 +attribute : /unina.it/Role=NULL/Capability=NULL
 +timeleft : 10:49:57
 +uri : voms01.scope.unina.it:15003
</pre> </pre>
-glite-wms-job-submit -a --vo unina.it test.jdl+ 
 +Now the command line is ready to launch commands as usual:
 +<pre>
 +[gianluca@clr55 ~]$ glite wms-job-submit -a --vo unina.it test.jdl
 +</pre>

Current revision

The CEINGE User Interface provides all the tools and libraries to manage robot certificates stored on Aladdin eToken, a USB hardware key used to safely store a robot certificate with its associated private key.

The eToken, containing the INFN certificate for bioinformatics applications, is attached to the UI server and can be used to generate proxy certificate.


Here follows the command to make a proxy certificate, starting from the robot: 

[gianluca@clr55 ~]$ /opt/etoken-pro/bin/mkproxy --label="Robot: Bioinformatics Applications - Gianluca Busiello's INFN ID" --id=a75ee72542ad2716d6f21087258ba1f3142981e7

Once the proxy certificate is made, it is stored in the file /tmp/x509up_u551 and information on it can be requested by using the command: 

[gianluca@clr55 ~]$ voms-proxy-info            
WARNING: Unable to verify signature! Server certificate possibly not installed. 
Error: VOMS extension not found!                                            
subject   : /C=IT/O=INFN/OU=Robot/L=Federico II/CN=Robot: Bioinformatics Applications - Gianluca Busiello/CN=proxy
issuer    : /C=IT/O=INFN/OU=Robot/L=Federico II/CN=Robot: Bioinformatics Applications - Gianluca Busiello         
identity  : /C=IT/O=INFN/OU=Robot/L=Federico II/CN=Robot: Bioinformatics Applications - Gianluca Busiello         
type      : proxy                                                                                                 
strength  : 512 bits                                                                                              
path      : /tmp/x509up_u551                                                                                      
timeleft  : 11:58:08

Note the warning:

WARNING: Unable to verify signature! Server certificate possibly not installed.

Error: VOMS extension not found!

It means that the proxy certificate is not initialized on the VOMS and any "attribute certificate" on the VOMS is created. To do this, use: 

[gianluca@clr55 ~]$ voms-proxy-init -noregen -voms unina.it

Where the -noregen option force the tools to skip the proxy creation and reuse the current one. Now the proxy info is correct and complete: 

[gianluca@clr55 ~]$ voms-proxy-info --all
subject   : /C=IT/O=INFN/OU=Robot/L=Federico II/CN=Robot: Bioinformatics Applications - Gianluca Busiello/CN=proxy/CN=proxy
issuer    : /C=IT/O=INFN/OU=Robot/L=Federico II/CN=Robot: Bioinformatics Applications - Gianluca Busiello/CN=proxy
identity  : /C=IT/O=INFN/OU=Robot/L=Federico II/CN=Robot: Bioinformatics Applications - Gianluca Busiello/CN=proxy
type      : proxy
strength  : 1024 bits
path      : /tmp/x509up_u551
timeleft  : 10:17:17
=== VO unina.it extension information ===
VO        : unina.it
subject   : /C=IT/O=INFN/OU=Robot/L=Federico II/CN=Robot: Bioinformatics Applications - Gianluca Busiello
issuer    : /C=IT/O=INFN/OU=Host/L=Federico II/CN=voms01.scope.unina.it
attribute : /unina.it/Role=NULL/Capability=NULL
timeleft  : 10:49:57
uri       : voms01.scope.unina.it:15003


Now the command line is ready to launch commands as usual: 

[gianluca@clr55 ~]$ glite wms-job-submit -a --vo unina.it test.jdl
Retrieved from "http://mediawiki.ceinge.unina.it/index.php/biolocal:Robot_on_UI"
Personal tools