biolocal:Robot on UI

From Wiki CEINGE

Revision as of 16:46, 6 August 2009 by Gianluca (Talk | contribs)
Jump to: navigation, search

The CEINGE User Interface provides all the tools and libraries to manage robot certificates stored on Aladdin eToken, a USB hardware key used to safely store a robot certificate with its associated private key.

The eToken, containing the INFN certificate for bioinformatics applications, is attached to the UI server and can be used to generate proxy certificate.

Here follows the command to make a proxy certificate, starting from the robot:

[gianluca@clr55 ~]$ /opt/etoken-pro/bin/mkproxy --label="Robot: Bioinformatics Applications - Gianluca Busiello's INFN ID" --id=a75ee72542ad2716d6f21087258ba1f3142981e7

Once the proxy certificate is made, it is stored in the file /tmp/x509up_u551 and information on it can be requested by using the command:

[gianluca@clr55 ~]$ voms-proxy-info            
WARNING: Unable to verify signature! Server certificate possibly not installed. 
Error: VOMS extension not found!                                            
subject   : /C=IT/O=INFN/OU=Robot/L=Federico II/CN=Robot: Bioinformatics Applications - Gianluca Busiello/CN=proxy
issuer    : /C=IT/O=INFN/OU=Robot/L=Federico II/CN=Robot: Bioinformatics Applications - Gianluca Busiello         
identity  : /C=IT/O=INFN/OU=Robot/L=Federico II/CN=Robot: Bioinformatics Applications - Gianluca Busiello         
type      : proxy                                                                                                 
strength  : 512 bits                                                                                              
path      : /tmp/x509up_u551                                                                                      
timeleft  : 11:58:08

Note the warning:

WARNING: Unable to verify signature! Server certificate possibly not installed.

Error: VOMS extension not found!

It means that the proxy certificate is not initialized on the VOMS and any "attribute certificate" on the VOMS is created. To do this, use:

[gianluca@clr55 ~]$ voms-proxy-init -noregen -voms

Where the -noregen option force the tools to skip the proxy creation and reuse the current one. Now the proxy info is correct and complete:

[gianluca@clr55 ~]$ voms-proxy-info --all
subject   : /C=IT/O=INFN/OU=Robot/L=Federico II/CN=Robot: Bioinformatics Applications - Gianluca Busiello/CN=proxy/CN=proxy
issuer    : /C=IT/O=INFN/OU=Robot/L=Federico II/CN=Robot: Bioinformatics Applications - Gianluca Busiello/CN=proxy
identity  : /C=IT/O=INFN/OU=Robot/L=Federico II/CN=Robot: Bioinformatics Applications - Gianluca Busiello/CN=proxy
type      : proxy
strength  : 1024 bits
path      : /tmp/x509up_u551
timeleft  : 10:17:17
=== VO extension information ===
VO        :
subject   : /C=IT/O=INFN/OU=Robot/L=Federico II/CN=Robot: Bioinformatics Applications - Gianluca Busiello
issuer    : /C=IT/O=INFN/OU=Host/L=Federico II/
attribute : /
timeleft  : 10:49:57
uri       :

To submit a job, as usual, use the command:

[gianluca@clr55 ~]$ glite wms-job-submit -a --vo test.jdl